CVE-2022-34381
9.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Summary
Dell BSAFE SSL-J version 7.0 and all versions prior to 6.5, and Dell BSAFE Crypto-J versions prior to 6.2.6.1 contain an unmaintained third-party component vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to the compromise of the impacted system. This is a Critical vulnerability and Dell recommends customers to upgrade at the earliest opportunity.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Dell | Dell BSAFE Crypto-J | 0 < 6.2.6.1 | affected |
| Dell | Dell BSAFE SSL-J | 7.0 | affected |
| Dell | Dell BSAFE SSL-J | 0 < 6.5 | affected |
Weaknesses
- CWE-1329: CWE-1329: Reliance on Component That is Not Updateable
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: total
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.