CVE-2023-4129 — Inadequate Encryption Strength in Dell Data Protection Central

CWE-326 — Inadequate Encryption Strength5 documents4 sources

Severity

7.5HIGHNVD

CNA5.9

EPSS

0.1%

top 73.62%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Dell Data Protection Central

Timeline

PublishedSep 27

Description

Dell Data Protection Central, version 19.9, contains an Inadequate Encryption Strength Vulnerability. An unauthenticated network attacker could potentially exploit this vulnerability, allowing an attacker to recover plaintext from a block of ciphertext.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

▶CVEListV5dell/data_protection_centralVersion 19.9.0-10

▶NVDdell/data_protection_central19.9.0-10

🔴Vulnerability Details

GHSA

GHSA-x6h3-hhv5-vwvj: Dell Data Protection Central, version 19↗2023-09-27

▶

CVEList

CVE-2023-4129: Dell Data Protection Central, version 19↗2023-09-27

▶

OSV

linux-intel-iotg vulnerabilities↗2023-05-05

▶

OSV

linux-hwe-5.15 vulnerabilities↗2023-04-25

▶