CVE-2023-32463

Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
3.4 LOW
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L
dellCNA
3.4 LOW
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 38%
VendorProductVersion
dellvxrail_d560_firmware
𝑥
< 8.0.100
dellvxrail_d560f_firmware
𝑥
< 8.0.100
dellvxrail_e460_firmware
𝑥
< 8.0.100
dellvxrail_e560_firmware
𝑥
< 8.0.100
dellvxrail_e560_vcf_firmware
𝑥
< 8.0.100
dellvxrail_e560f_firmware
𝑥
< 8.0.100
dellvxrail_e560f_vcf_firmware
𝑥
< 8.0.100
dellvxrail_e560n_firmware
𝑥
< 8.0.100
dellvxrail_e560n_vcf_firmware
𝑥
< 8.0.100
dellvxrail_e660_firmware
𝑥
< 8.0.100
dellvxrail_e660f_firmware
𝑥
< 8.0.100
dellvxrail_e660n_firmware
𝑥
< 8.0.100
dellvxrail_e665_firmware
𝑥
< 8.0.100
dellvxrail_e665f_firmware
𝑥
< 8.0.100
dellvxrail_e665n_firmware
𝑥
< 8.0.100
dellvxrail_g560_firmware
𝑥
< 8.0.100
dellvxrail_g560_vcf_firmware
𝑥
< 8.0.100
dellvxrail_g560f_firmware
𝑥
< 8.0.100
dellvxrail_g560f_vcf_firmware
𝑥
< 8.0.100
dellvxrail_p470_firmware
𝑥
< 8.0.100
dellvxrail_p570_firmware
𝑥
< 8.0.100
dellvxrail_p570_vcf_firmware
𝑥
< 8.0.100
dellvxrail_p570f_firmware
𝑥
< 8.0.100
dellvxrail_p570f_vcf_firmware
𝑥
< 8.0.100
dellvxrail_p580n_firmware
𝑥
< 8.0.100
dellvxrail_p580n_vcf_firmware
𝑥
< 8.0.100
dellvxrail_p670f_firmware
𝑥
< 8.0.100
dellvxrail_p670n_firmware
𝑥
< 8.0.100
dellvxrail_p675f_firmware
𝑥
< 8.0.100
dellvxrail_p675n_firmware
𝑥
< 8.0.100
dellvxrail_s470_firmware
𝑥
< 8.0.100
dellvxrail_s570_firmware
𝑥
< 8.0.100
dellvxrail_s570_vcf_firmware
𝑥
< 8.0.100
dellvxrail_s670_firmware
𝑥
< 8.0.100
dellvxrail_v470_firmware
𝑥
< 8.0.100
dellvxrail_v570_firmware
𝑥
< 8.0.100
dellvxrail_v570_vcf_firmware
𝑥
< 8.0.100
dellvxrail_v570f_firmware
𝑥
< 8.0.100
dellvxrail_v570f_vcf_firmware
𝑥
< 8.0.100
dellvxrail_v670f_firmware
𝑥
< 8.0.100
dellvxrail_vd-4000r_firmware
𝑥
< 8.0.100
dellvxrail_vd-4000w_firmware
𝑥
< 8.0.100
dellvxrail_vd-4000z_firmware
𝑥
< 8.0.100
dellvxrail_vd-4510c_firmware
𝑥
< 8.0.100
dellvxrail_vd-4520c_firmware
𝑥
< 8.0.100
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.dell.com/support/kbdoc/en-us/000214659/dsa-2023-200-security-update-for-dell-vxrail-for-multiple-third-party-component-vulnerabilities
https://www.dell.com/support/kbdoc/en-us/000214659/dsa-2023-200-security-update-for-dell-vxrail-for-multiple-third-party-component-vulnerabilities