CVE-2023-32464

CVSS 2.7 · Low EPSS 0.10% · P26 Updated Jan 25, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2023-32464

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Dell VxRail, versions prior to 7.0.450, contain an improper certificate validation vulnerability. A high privileged remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and intercepting the victim's traffic to view or modify a victim’s data in transit.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N

Source: NVD (National Vulnerability Database)

Vulnerability Type

证书验证不恰当

Source: NVD (National Vulnerability Database)

Vulnerability Title

Dell VxRail 信任管理问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Dell VxRail是美国戴尔（Dell）公司的适用于每个 VMware 工作负载和用例（包括 VDI、计算密集型应用程序）以及在真正的混合云基础架构上托管传统和现代应用程序的单一 HCI 平台。 Dell VxRail 7.0.450及之前版本存在信任管理问题漏洞，该漏洞源于包含不正确的证书验证，攻击者利用该漏洞可以通过提供精心设计的证书并拦截受害者的流量以查看或修改受害者传输中的数据来执行中间人攻击。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Dell	Dell EMC VxRail Appliance	7.0.x versions before 7.0.450	-

II. Public POCs for CVE-2023-32464

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2023-32464

请登录查看更多情报信息。

Same Patch Batch · Dell · 2023-06-23 · 34 CVEs total

CVE-2023-28073	8.2 HIGH	Dell BIOS 授权问题漏洞
CVE-2023-32480	6.8 MEDIUM	Dell BIOS 输入验证错误漏洞
CVE-2023-28065	6.7 MEDIUM	部分Dell产品后置链接漏洞
CVE-2023-28071	6.3 MEDIUM	Dell Command Update 后置链接漏洞
CVE-2023-28028	5.1 MEDIUM	Dell BIOS 输入验证错误漏洞
CVE-2023-28058	5.1 MEDIUM	Dell BIOS 输入验证错误漏洞
CVE-2023-28050	5.1 MEDIUM	Dell BIOS 输入验证错误漏洞
CVE-2023-28026	5.1 MEDIUM	Dell BIOS 输入验证错误漏洞
CVE-2023-28044	5.1 MEDIUM	Dell BIOS 输入验证错误漏洞
CVE-2023-28060	5.1 MEDIUM	Dell BIOS 输入验证错误漏洞
CVE-2023-25938	5.1 MEDIUM	Dell BIOS 输入验证错误漏洞
CVE-2023-28031	5.1 MEDIUM	Dell BIOS 输入验证错误漏洞
CVE-2023-28034	5.1 MEDIUM	Dell BIOS 输入验证错误漏洞
CVE-2023-28027	5.1 MEDIUM	Dell BIOS 输入验证错误漏洞
CVE-2023-28036	5.1 MEDIUM	Dell BIOS 输入验证错误漏洞
CVE-2023-28032	5.1 MEDIUM	Dell BIOS 输入验证错误漏洞
CVE-2023-28041	5.1 MEDIUM	Dell BIOS 输入验证错误漏洞
CVE-2023-25936	5.1 MEDIUM	Dell BIOS 输入验证错误漏洞
CVE-2023-28052	5.1 MEDIUM	Dell BIOS 输入验证错误漏洞
CVE-2023-28054	5.1 MEDIUM	Dell BIOS 输入验证错误漏洞

Showing top 20 of 34 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Dell EMC VxRail Appliance

CVE-2023-32463
Dell VxRail 输入验证错误漏洞

Same vendor: Dell

Same weakness: CWE-295

V. Comments for CVE-2023-32464

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2023-32464

I. Basic Information for CVE-2023-32464

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2023-32464

III. Intelligence Information for CVE-2023-32464

Same Patch Batch · Dell · 2023-06-23 · 34 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2023-32464

Leave a comment