CVE-2023-43082
published 2023-11-22CVE-2023-43082: Dell Unity prior to 5.3 contains a 'man in the middle' vulnerability in the vmadapter component. If a customer has a certificate signed by a third-party public…
medium5.9CVSS 3.1
AVNACHPRNUINSUCHINAN
Dell Unity prior to 5.3 contains a 'man in the middle' vulnerability in the vmadapter component. If a customer has a certificate signed by a third-party public Certificate Authority, the vCenter CA could be spoofed by an attacker who can obtain a CA-signed certificate.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dell | unity | — | — |
| dell | unity_operating_environment | < 5.3.0.0.5.120 | 5.3.0.0.5.120 |
| dell | unity_xt_operating_environment | < 5.3.0.0.5.120 | 5.3.0.0.5.120 |
| dell | unityvsa_operating_environment | < 5.3.0.0.5.120 | 5.3.0.0.5.120 |