CVE-2023-25934

CVSS V2 None CVSS V3 None

Description

DELL ECS prior to 3.8.0.2 contains an improper verification of cryptographic signature vulnerability. A network attacker with an ability to intercept the request could potentially exploit this vulnerability to modify the body data of the request.

Overview

CVE ID
CVE-2023-25934

Assigner
security_alert@emc.com

Vulnerability Status
Received

Published Version
2023-05-04T07:15:22

Last Modified Date
2023-05-04T07:15:22

Weakness Enumerations

CWE	URL
CWE-310	http://cwe.mitre.org/data/definitions/310.html

References

Reference URL	Reference Tags
https://www.dell.com/support/kbdoc/en-us/000212970/dsa-2023-109-dell-ecs-security-update-for-multiple-vulnerabilities

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-25934
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25934

History

Created	Old Value	New Value	Data Type	Notes
2023-05-04 08:00:32				Added to TrackCVE
2023-05-04 08:00:33			Weakness Enumeration	new