Vulnerability Description
Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Improper Input Validation vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dell | Emc Xc Core Xcxr2 Firmware | < 2.22.1 |
| Dell | Emc Xc Core Xcxr2 | - |
| Dell | Emc Xc Core Xc940 System Firmware | < 2.22.2 |
| Dell | Emc Xc Core Xc940 System | - |
| Dell | Emc Xc Core Xc740Xd2 Firmware | < 2.22.1 |
| Dell | Emc Xc Core Xc740Xd2 | - |
| Dell | Emc Xc Core Xc740Xd System Firmware | < 2.22.2 |
| Dell | Emc Xc Core Xc740Xd System | - |
| Dell | Emc Xc Core Xc640 System Firmware | < 2.22.2 |
| Dell | Emc Xc Core Xc640 System | - |
| Dell | Emc Xc Core 6420 System Firmware | < 2.22.2 |
| Dell | Emc Xc Core 6420 System | - |
| Dell | Emc Storage Nx3340 Firmware | < 2.22.2 |
| Dell | Emc Storage Nx3340 | - |
| Dell | Emc Storage Nx3240 Firmware | < 2.22.2 |
| Dell | Emc Storage Nx3240 | - |
| Dell | Poweredge Xe7440 Firmware | < 2.22.2 |
| Dell | Poweredge Xe7440 | - |
| Dell | Poweredge Xe7420 Firmware | < 2.22.2 |
| Dell | Poweredge Xe7420 | - |
Related Weaknesses (CWE)
References
FAQ
What is CVE-2024-38303?
CVE-2024-38303 is a vulnerability with a CVSS score of 5.3 (MEDIUM). Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Improper Input Validation vulnerability. A high privileged attacker with local access could potentially exploit this vul...
How severe is CVE-2024-38303?
CVE-2024-38303 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-38303?
Check the references section above for vendor advisories and patch information. Affected products include: Dell Emc Xc Core Xcxr2 Firmware, Dell Emc Xc Core Xcxr2, Dell Emc Xc Core Xc940 System Firmware, Dell Emc Xc Core Xc940 System, Dell Emc Xc Core Xc740Xd2 Firmware.