CVE-2023-28077Debug Messages Revealing Unnecessary Information in Dell Bsafe Ssl-j

CWE-1295Debug Messages Revealing Unnecessary InformationCWE-200Sensitive Information Exposure3 documents3 sources
Severity
4.4MEDIUMNVD
EPSS
0.0%
top 87.91%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Dell Bsafe Ssl-jDell Bsafe Ssl-j
Timeline
PublishedFeb 10

Description

Dell BSAFE SSL-J, versions prior to 6.5, and versions 7.0 and 7.1 contain a debug message revealing unnecessary information vulnerability. This may lead to disclosing sensitive information to a locally privileged user.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:NExploitability: 0.8 | Impact: 3.6

Affected Packages2 packages

NVDdell/bsafe_ssl-j6.06.5.1+1
CVEListV5dell/dell_bsafe_ssl-j6.0.x6.5+1

🔴Vulnerability Details

2
CVEList
CVE-2023-28077: Dell BSAFE SSL-J, versions prior to 62024-02-10
GHSA
GHSA-3ff6-x43r-fcj7: Dell BSAFE SSL-J, versions prior to 62024-02-10
CVE-2023-28077 — Dell Bsafe Ssl-j vulnerability | cvebase