CVE-2023-23690
CVSS V2 None
CVSS V3 None
Description
Cloud Mobility for Dell EMC Storage, versions 1.3.0.X and below contains an Improper Check for Certificate Revocation vulnerability. A threat actor does not need any specific privileges to potentially exploit this vulnerability. An attacker could perform a man-in-the-middle attack and eavesdrop on encrypted communications from Cloud Mobility to Cloud Storage devices. Exploitation could lead to the compromise of secret and sensitive information, cloud storage connection downtime, and the integrity of the connection to the Cloud devices.
Overview
- CVE ID
- CVE-2023-23690
- Assigner
- security_alert@emc.com
- Vulnerability Status
- Analyzed
- Published Version
- 2023-01-19T12:15:13
- Last Modified Date
- 2023-01-27T16:17:02
Weakness Enumerations
CPE Configuration (Product)
| CPE | Vulnerable | Operator | Version Start | Version End |
|---|---|---|---|---|
| cpe:2.3:a:dell:cloud_mobility_for_dell_emc_storage:*:*:*:*:*:*:*:* | 1 | OR | 1.3.4.0 |
References
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-23690 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23690 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2023-01-19 13:14:24 | Added to TrackCVE | |||
| 2023-01-19 13:14:24 | Weakness Enumeration | new | ||
| 2023-01-19 16:15:26 | 2023-01-19T14:38:20 | CVE Modified Date | updated | |
| 2023-01-19 16:15:26 | Received | Awaiting Analysis | Vulnerability Status | updated |
| 2023-01-25 20:13:51 | Awaiting Analysis | Undergoing Analysis | Vulnerability Status | updated |
| 2023-01-27 17:15:31 | 2023-01-27T16:17:02 | CVE Modified Date | updated | |
| 2023-01-27 17:15:31 | Undergoing Analysis | Analyzed | Vulnerability Status | updated |
| 2023-01-27 17:15:32 | Weakness Enumeration | update | ||
| 2023-01-27 17:15:32 | CPE Information | updated |