Vulnerability Description
Dell DM5500 5.14.0.0, contain a Plain-text Password Storage Vulnerability in the appliance. A local attacker with privileges could potentially exploit this vulnerability, leading to the disclosure of certain service credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dell | Powerprotect Data Manager Dm5500 Firmware | <= 5.14.0.0 |
| Dell | Powerprotect Data Manager Dm5500 | - |
Related Weaknesses (CWE)
References
- https://www.dell.com/support/kbdoc/en-us/000220107/dsa-2023-425-security-update-Vendor Advisory
- https://www.dell.com/support/kbdoc/en-us/000220107/dsa-2023-425-security-update-Vendor Advisory
FAQ
What is CVE-2023-44300?
CVE-2023-44300 is a vulnerability with a CVSS score of 5.5 (MEDIUM). Dell DM5500 5.14.0.0, contain a Plain-text Password Storage Vulnerability in the appliance. A local attacker with privileges could potentially exploit this vulnerability, leading to the disclosure ...
How severe is CVE-2023-44300?
CVE-2023-44300 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-44300?
Check the references section above for vendor advisories and patch information. Affected products include: Dell Powerprotect Data Manager Dm5500 Firmware, Dell Powerprotect Data Manager Dm5500.