fkie_cve-2024-22453
Vulnerability from fkie_nvd
Published
2024-03-19 08:15
Modified
2025-02-04 17:31
Summary
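Dell PowerEdge Server BIOS contains a heap-based buffer overflow vulnerability. A local, high-privileged attacker could potentially exploit this vulnerability to write to otherwise unauthorized memory.
Note for triage: in the record below, the vulnerable firmware ranges end (exclusive) at BIOS 2.19.0 for most listed platforms, but at 2.14.0 for the PowerEdge R930 and 1.19.0 for the PowerEdge R830, so compare each model against its own threshold. The record also carries two CVSS 3.1 scores that differ on attack complexity and scope: 7.2 (HIGH) from the vendor and 6.0 (MEDIUM) from NVD.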



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_r730_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEA86EFE-D74A-4FAF-AC9A-633727D72576",
              "versionEndExcluding": "2.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_r730:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F2D8095-BFAD-4A4C-92EF-5C27AC5860FC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_r730xd_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F86999EA-7EED-4463-8CF3-53A4F1A4E68F",
              "versionEndExcluding": "2.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_r730xd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F20FC968-9159-4514-9001-B6E14AAC9BB4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_r630_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A95501F-9CB4-4758-90FB-7993C5B8479F",
              "versionEndExcluding": "2.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_r630:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3889B4D3-0B99-44AC-B732-809F7652C9D2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_c4130_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "373FCE8C-3C8D-4698-9888-98C65E6D7C01",
              "versionEndExcluding": "2.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_c4130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "89E0CC72-B046-4F7C-B7FD-E8E0995C0333",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_r930_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A2C8BFD-3874-4912-8EC1-98647E3D0C9D",
              "versionEndExcluding": "2.14.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_r930:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1669BF88-F4AC-4166-B657-A5E0EB95F206",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_m630_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7BB719C-00D7-4C78-BB42-329BE0420309",
              "versionEndExcluding": "2.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_m630:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "05ABA114-D098-48D2-9E0F-E021D82F08B2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_m630_\\(pe_vrtx\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D42919E5-52CF-44A1-B4FD-A5B9799211E1",
              "versionEndExcluding": "2.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_m630_\\(pe_vrtx\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D90D2E26-AD95-4284-9007-50A60364A34C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_fc630_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9CB9AD96-DE95-4F41-98A1-C27F41123BD2",
              "versionEndExcluding": "2.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_fc630:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E5481DE-457C-44D4-A3FE-10DB525699E3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_fc430_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "077D28F0-6748-4F82-982F-753F998427A6",
              "versionEndExcluding": "2.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_fc430:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1C272E6-7D78-433C-B668-EF0E810CC5BB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_m830_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "790AB221-887C-44BB-9819-895266CC966B",
              "versionEndExcluding": "2.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_m830:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3BE9AB9-8093-437E-9BF6-8BA0D5ECC7D3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_m830_\\(pe_vrtx\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C2E7166-A7C5-477E-B9DB-6E23B4D79FC4",
              "versionEndExcluding": "2.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_m830_\\(pe_vrtx\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE4FDBF0-B9FE-4A7C-93B7-FF9E0E63B424",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_fc830_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DA2898A-EC3A-4D35-B8EB-6CF9E346CFFE",
              "versionEndExcluding": "2.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_fc830:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C060A4FA-B524-497C-AC27-3256ED048DF7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_t630_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9F2BE0-F283-472F-A583-6B9283E4A529",
              "versionEndExcluding": "2.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_t630:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F2B4062-E672-4F04-AA58-769DC546DA10",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_r530_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E28BABF-8EE2-4ED0-8341-329FE56E34BF",
              "versionEndExcluding": "2.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_r530:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1ECA70D5-0884-4B74-92C0-DFBC8454FDAD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_r430_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8082BDB-1AC5-45B2-949B-1B5B8DD6126B",
              "versionEndExcluding": "2.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_r430:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8EFF354-4534-480D-B52E-5FA575659E77",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_t430_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2931E08C-E557-4E30-9A3B-81AA9CE1056E",
              "versionEndExcluding": "2.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_t430:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B326C0B3-8CDF-4451-8B59-6E6EA3F1AB76",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_r830_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06131E42-6E13-4C93-BEA3-A3073AF05A17",
              "versionEndExcluding": "1.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_r830:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFD80313-F625-40DE-82CC-15EBD2747991",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_c6320_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D55DF536-984E-4BE6-A9E5-613CDAAD8171",
              "versionEndExcluding": "2.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_c6320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB62B772-0492-490F-B971-93854DFD0CE0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:nx3230_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5945E528-0ECE-4C0F-9D6D-FC0FA8BCBC37",
              "versionEndExcluding": "2.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:nx3230:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "24D0E8F8-4EEB-4A1E-B853-3704140A86B8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:nx3330_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A372313B-02BA-4B1F-B0FB-175D4DCEFF58",
              "versionEndExcluding": "2.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:nx3330:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9428F53B-5740-4E8F-8569-ECE6CA4C137F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:xc6320_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5CE9E93-A46D-40E3-B115-237BA73D91E2",
              "versionEndExcluding": "2.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:xc6320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "93911F86-8562-43A9-8DCC-34482CD1233A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:xc430_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D20DBEE-30BF-4CD7-8E52-966851D54215",
              "versionEndExcluding": "2.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:xc430:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A999FC9-150A-472C-8B57-5E41D43B6BEC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:xc630_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "01B3B015-74E9-4A61-AEA4-A322FDC28445",
              "versionEndExcluding": "2.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:xc630:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "48F88DD5-EE82-467E-9E19-88C7829EE1CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:xc730_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A328429-B728-4DB6-9E33-8B4986537A35",
              "versionEndExcluding": "2.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:xc730:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1D48B26-84DE-477D-9220-B600938ED14B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:xc730xd_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE4346FD-76DD-4ABD-8820-3456DDEB5FD1",
              "versionEndExcluding": "2.19.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:xc730xd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "193DEB94-B27C-4038-A544-3CCC35FBCEA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Dell PowerEdge Server BIOS contains a heap-based buffer overflow vulnerability. A local high privileged attacker could potentially exploit this vulnerability to write to otherwise unauthorized memory."
    },
    {
      "lang": "es",
      "value": "El BIOS del servidor Dell PowerEdge contiene una vulnerabilidad de desbordamiento de b\u00fafer de almacenamiento din\u00e1mico. Un atacante local con privilegios elevados podr\u00eda explotar esta vulnerabilidad para escribir en una memoria que de otro modo no estar\u00eda autorizada."
    }
  ],
  "id": "CVE-2024-22453",
  "lastModified": "2025-02-04T17:31:14.817",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.8,
        "source": "security_alert@emc.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.0,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-03-19T08:15:06.480",
  "references": [
    {
      "source": "security_alert@emc.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.dell.com/support/kbdoc/en-us/000223209/dsa-2024-105-security-update-for-dell-poweredge-server-bios-for-a-heap-based-buffer-overflow-vulnerability"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.dell.com/support/kbdoc/en-us/000223209/dsa-2024-105-security-update-for-dell-poweredge-server-bios-for-a-heap-based-buffer-overflow-vulnerability"
    }
  ],
  "sourceIdentifier": "security_alert@emc.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-122"
        }
      ],
      "source": "security_alert@emc.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}



Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.