CVE-2023-23689 — MEDIUM (5.3)

Vulnerability Description

Dell PowerScale nodes A200, A2000, H400, H500, H600, H5600, F800, F810 integrated hardware management software contains an uncontrolled resource consumption vulnerability. This may allow an unauthenticated network host to impair built-in hardware management functionality and trigger OneFS data protection mechanism causing a denial of service.

CVSS Score

5.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

LOW

Affected Products

Vendor	Product	Versions
Dell	A200 Firmware	9.0.0.0
Dell	A200	-
Dell	A2000 Firmware	9.0.0.0
Dell	A2000	-
Dell	H400 Firmware	9.0.0.0
Dell	H400	-
Dell	H500 Firmware	9.0.0.0
Dell	H500	-
Dell	H600 Firmware	9.0.0.0
Dell	H600	-
Dell	H5600 Firmware	9.0.0.0
Dell	H5600	-
Dell	F800 Firmware	9.0.0.0
Dell	F800	-
Dell	F810 Firmware	9.0.0.0
Dell	F810	-

Related Weaknesses (CWE)

CWE-400

References

https://www.dell.com/support/kbdoc/en-us/000209895/dell-emc-powerscale-onefs-secPatchVendor Advisory
https://www.dell.com/support/kbdoc/en-us/000209895/dell-emc-powerscale-onefs-secPatchVendor Advisory

FAQ

What is CVE-2023-23689?

CVE-2023-23689 is a vulnerability with a CVSS score of 5.3 (MEDIUM). Dell PowerScale nodes A200, A2000, H400, H500, H600, H5600, F800, F810 integrated hardware management software contains an uncontrolled resource consumption vulnerability. This may allow an unauthent...

How severe is CVE-2023-23689?

CVE-2023-23689 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-23689?

Check the references section above for vendor advisories and patch information. Affected products include: Dell A200 Firmware, Dell A200, Dell A2000 Firmware, Dell A2000, Dell H400 Firmware.