fkie_cve-2023-23689
Vulnerability from fkie_nvd
Published
2023-02-28 17:15
Modified
2024-11-21 07:46
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Dell PowerScale nodes A200, A2000, H400, H500, H600, H5600, F800, F810 integrated hardware management software contains an uncontrolled resource consumption vulnerability. This may allow an unauthenticated network host to impair built-in hardware management functionality and trigger OneFS data protection mechanism causing a denial of service.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:a200_firmware:9.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FE29D0B5-8B9E-4315-9EF8-9A0C79CFB864",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:a200_firmware:9.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9B97A62A-9141-4110-9E63-286494BF8B50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:a200_firmware:9.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF4F7E6-3CF2-462A-968E-652759AE28F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:a200_firmware:9.2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "938CF757-C473-4762-A25C-196C7CF1ECE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:a200_firmware:9.3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "789DC83A-C655-4284-963B-9F11A0BD942F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:a200_firmware:9.4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "88312C85-7160-4CF2-9076-066A76F74F6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:a200_firmware:9.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9C3C3DA1-469F-4DF2-930D-7CEC2EE23CFE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:a200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C65730FE-CEB1-44E3-B2C3-0F6563A5ADD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:a2000_firmware:9.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E895B354-D4B4-422E-BAAD-F92CED2D8CA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:a2000_firmware:9.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C3074A2-5BAC-4325-A9FA-5289A6B423FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:a2000_firmware:9.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D33A1CCD-8AC8-491E-BEF2-419668B82CEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:a2000_firmware:9.2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5040740B-62EF-4CD2-9A27-B57B3F3DC226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:a2000_firmware:9.3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6715DF08-A7C3-4617-A4D1-631A3BE1F82A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:a2000_firmware:9.4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ADF36683-E350-4432-8812-089F29227A68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:a2000_firmware:9.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B237FAB-17C8-4ADA-B79A-9E3EB9E1C682",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:a2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "27E6A822-E31C-4B2E-9B96-CB25E0E55444",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:h400_firmware:9.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "88CFB77A-E2EB-4608-9C91-3257CEDAEB10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:h400_firmware:9.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EDAB45AC-DE75-4D37-8965-AE5D34A22EE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:h400_firmware:9.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "79E99D60-BCAE-4B03-BF06-9AD76418FFC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:h400_firmware:9.2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "45EA731C-448E-4B41-9CFB-FF38F15B6840",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:h400_firmware:9.3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F014B415-D0A0-47D5-A34D-295A82FDA82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:h400_firmware:9.4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "530B5E84-07FD-4C1A-BF22-49A9179FFF85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:h400_firmware:9.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D79E132-DF3C-4AE5-8585-DEA5FDB1EFA6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:h400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C1328B5-65EE-42D2-B3DA-8E69F509971F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:h500_firmware:9.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "93E4D4C3-CF81-4E63-AEA0-475AE2E8F235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:h500_firmware:9.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4DEE8B61-B18A-418A-9519-FF6F15EBF42E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:h500_firmware:9.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07A7269C-C944-4F98-9FEC-1AFD7A600366",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:h500_firmware:9.2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "37EC0FD6-4367-4402-A8FF-571664757B6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:h500_firmware:9.3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CCD63BA6-A7FC-4B44-9148-E54BD25BCED9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:h500_firmware:9.4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D767F09C-E638-4E69-A476-0AE6C0A0D54B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:h500_firmware:9.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5BB67BDE-AA33-45DE-B043-9F474F7F8951",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:h500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7A9A004-FC1C-41D1-BD93-90D1046CB81F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:h600_firmware:9.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DAAE5794-C84F-4E80-B055-9F377731AC87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:h600_firmware:9.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "599CF350-9376-45A0-B65A-AE5588B536A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:h600_firmware:9.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7CB1C271-753A-4C7E-B960-EC0B1BDE0942",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:h600_firmware:9.2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "15131A19-ED57-42BA-9599-FC58A39DEA9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:h600_firmware:9.3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "82036E65-E9C8-4397-BCC6-FB8890265744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:h600_firmware:9.4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A54784BD-B87F-4254-9FFE-83DF4A52A545",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:h600_firmware:9.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16C0D8FB-F434-444C-B8EB-0D1DB4E0AD00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:h600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB2D5E62-9649-4111-93C3-188A7845CF03",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:h5600_firmware:9.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B8C7422-7355-4E39-99D3-ED85A15ACD77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:h5600_firmware:9.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E826FCE0-8A02-4074-947C-010630DE7544",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:h5600_firmware:9.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AAE1CEFC-5551-4D86-AF0F-11D3F52AB968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:h5600_firmware:9.2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "785BEFFD-A51B-433D-BD06-36F136A3EBFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:h5600_firmware:9.3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B476F8F4-C955-421A-90D7-8BAE4C43E59E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:h5600_firmware:9.4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E75D388B-97BB-498E-9F46-098B3D7C484F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:h5600_firmware:9.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "69CB2FA7-459E-4276-A7F3-33E77F0BBABA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:h5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC05FCFD-D05D-45D5-9FD6-152DF3CEB273",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:f800_firmware:9.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F25FDFDF-7D1F-4470-9AB8-E53273768C09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:f800_firmware:9.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4B88E9A9-A071-4453-B2C0-536B65608206",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:f800_firmware:9.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A40208-4C8D-44E1-A3BA-23E6A772D6EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:f800_firmware:9.2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "57A266F7-3BDB-4495-BF80-0E2380BF8CCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:f800_firmware:9.3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5E15CC67-D8CB-4AFB-BCFA-AA7849331A77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:f800_firmware:9.4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C963B6F2-8708-48B4-ACE8-09B65702AC9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:f800_firmware:9.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DBF569C5-8494-4A70-B128-508B51B10B48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:f800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FF35AAF-9201-4B28-AEAB-0731EB15690D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:f810_firmware:9.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3302BD9A-75D3-4AB6-A827-F442A86570DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:f810_firmware:9.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "658416B1-8E38-45A7-8872-FBD1D5F9F890",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:f810_firmware:9.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D82EA4B0-6139-463E-A4BA-01ACE11ADB0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:f810_firmware:9.2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5E2666D7-C2E4-48D7-B76D-D282090648C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:f810_firmware:9.3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "01F33730-BC1A-4E2B-9E92-6A038E9489B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:f810_firmware:9.4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D5D54960-EE50-49F5-BA6E-22B324A7D393",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:f810_firmware:9.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "15930676-6E85-408C-B793-E15DFDB3EADA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:f810:-:*:*:*:*:*:*:*",
"matchCriteriaId": "228CF091-BC4F-427A-84ED-013D7455244F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\nDell PowerScale nodes A200, A2000, H400, H500, H600, H5600, F800, F810 integrated hardware management software contains an uncontrolled resource consumption vulnerability. This may allow an unauthenticated network host to impair built-in hardware management functionality and trigger OneFS data protection mechanism causing a denial of service.\n\n"
}
],
"id": "CVE-2023-23689",
"lastModified": "2024-11-21T07:46:39.990",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "security_alert@emc.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-02-28T17:15:11.200",
"references": [
{
"source": "security_alert@emc.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000209895/dell-emc-powerscale-onefs-security-updates-for-multiple-security"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000209895/dell-emc-powerscale-onefs-security-updates-for-multiple-security"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "security_alert@emc.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.