CVE-2023-32465

Summary

Dell Power Protect Cyber Recovery, contains an Authentication Bypass vulnerability. An attacker could potentially exploit this vulnerability, leading to unauthorized admin access to the Cyber Recovery application. Exploitation may lead to complete system takeover by an attacker.

Affected Software

VendorProductVersion RangeStatus
DellPowerProtect Cyber Recovery19.4 through 19.13.0.2affected

Weaknesses

  • CWE-644: CWE-644: Improper Neutralization of HTTP Headers for Scripting Syntax

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References