CVE-2023-43082

Summary

Dell Unity prior to 5.3 contains a 'man in the middle' vulnerability in the vmadapter component. If a customer has a certificate signed by a third-party public Certificate Authority, the vCenter CA could be spoofed by an attacker who can obtain a CA-signed certificate.

Affected Software

VendorProductVersion RangeStatus
DellUnityVersions prior to 5.3.0.0.5.120affected

Weaknesses

  • CWE-295: CWE-295: Improper Certificate Validation

ADP Enrichment

CVE Program Container

Additional References

References