CVE-2023-32465
8.8
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Dell Power Protect Cyber Recovery, contains an Authentication Bypass vulnerability. An attacker could potentially exploit this vulnerability, leading to unauthorized admin access to the Cyber Recovery application. Exploitation may lead to complete system takeover by an attacker.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Dell | PowerProtect Cyber Recovery | 19.4 through 19.13.0.2 | affected |
Weaknesses
- CWE-644: CWE-644: Improper Neutralization of HTTP Headers for Scripting Syntax
ADP Enrichment
CVE Program Container
Additional References
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.