CVE-2024-29171Improper Certificate Validation in Dell Bsafe Ssl-j

CWE-295Improper Certificate Validation3 documents3 sources
Severity
7.5HIGHNVD
CNA5.9
EPSS
0.1%
top 74.12%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Dell Bsafe Ssl-jDell Bsafe Ssl-j
Timeline
PublishedFeb 12

Description

Dell BSAFE SSL-J, versions prior to 6.6 and versions 7.0 through 7.2, contains an Improper certificate verification vulnerability. A remote attacker could potentially exploit this vulnerability, leading to information disclosure.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

NVDdell/bsafe_ssl-j7.07.2.1+1
CVEListV5dell/dell_bsafe_ssl-jN/A6.6+1

🔴Vulnerability Details

2
CVEList
CVE-2024-29171: Dell BSAFE SSL-J, versions prior to 62025-02-12
GHSA
GHSA-vjvq-7vfq-g7j9: Dell BSAFE SSL-J contains an Improper certificate verification vulnerability2025-02-12
CVE-2024-29171 — Improper Certificate Validation | cvebase