CVE-2022-34364Debug Messages Revealing Unnecessary Information in Dell Bsafe Ssl-j

CWE-1295Debug Messages Revealing Unnecessary InformationCWE-668Resource Exposure3 documents3 sources
Severity
4.4MEDIUMNVD
EPSS
0.1%
top 68.88%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Dell Bsafe Ssl-j
Timeline
PublishedFeb 10

Description

Dell BSAFE SSL-J, versions before 6.5 and version 7.0 contain a debug message revealing unnecessary information vulnerability. This may lead to disclosing sensitive information to a locally privileged user. .

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:NExploitability: 0.8 | Impact: 3.6

Affected Packages2 packages

CVEListV5dell/bsafe_ssl-j< 6.5+1
NVDdell/bsafe_ssl-j< 6.5+1

🔴Vulnerability Details

2
GHSA
GHSA-r228-w758-3qfv: Dell BSAFE SSL-J when used in debug mode can reveal unnecessary information2023-02-10
CVEList
CVE-2022-34364: Dell BSAFE SSL-J, versions before 62023-02-10
CVE-2022-34364 — Dell Bsafe Ssl-j vulnerability | cvebase