Dell Bsafe Ssl-J vulnerabilities

5 known vulnerabilities affecting dell/dell_bsafe_ssl-j.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH3MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2024-29171HIGHCVSS 7.5≥ N/A, < 6.6≥ 7.0, ≤ 7.22025-02-12
CVE-2024-29171 [HIGH] CWE-295 CVE-2024-29171: Dell BSAFE SSL-J, versions prior to 6.6 and versions 7.0 through 7.2, contains an Improper certifica Dell BSAFE SSL-J, versions prior to 6.6 and versions 7.0 through 7.2, contains an Improper certificate verification vulnerability. A remote attacker could potentially exploit this vulnerability, leading to information disclosure.
cvelistv5nvd
CVE-2024-29172HIGHCVSS 7.5≥ N/A, < 6.6≥ 7.0, ≤ 7.22025-02-12
CVE-2024-29172 [HIGH] CWE-833 CVE-2024-29172: Dell BSAFE SSL-J, versions prior to 6.6 and versions 7.0 through 7.2, contains a deadlock vulnerabil Dell BSAFE SSL-J, versions prior to 6.6 and versions 7.0 through 7.2, contains a deadlock vulnerability. A remote attacker could potentially exploit this vulnerability, leading to a Denial of Service.
cvelistv5nvd
CVE-2023-28077MEDIUMCVSS 4.4≥ 6.0.x, ≤ 6.5≥ 7.0, ≤ 7.12024-02-10
CVE-2023-28077 [MEDIUM] CWE-1295 CVE-2023-28077: Dell BSAFE SSL-J, versions prior to 6.5, and versions 7.0 and 7.1 contain a debug message revealing Dell BSAFE SSL-J, versions prior to 6.5, and versions 7.0 and 7.1 contain a debug message revealing unnecessary information vulnerability. This may lead to disclosing sensitive information to a locally privileged user.
cvelistv5nvd
CVE-2022-34381CRITICALCVSS 9.8v7.0fixed in 6.52024-02-02
CVE-2022-34381 [CRITICAL] CWE-1329 CVE-2022-34381: Dell BSAFE SSL-J version 7.0 and all versions prior to 6.5, and Dell BSAFE Crypto-J versions prior Dell BSAFE SSL-J version 7.0 and all versions prior to 6.5, and Dell BSAFE Crypto-J versions prior to 6.2.6.1 contain an unmaintained third-party component vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to the compromise of the impacted system. This is a Critical vulnerability and Dell recom
cvelistv5nvd
CVE-2022-24409HIGHCVSS 7.5≥ 5.1, < unspecified≥ unspecified, < 6.42022-02-23
CVE-2022-24409 [HIGH] CWE-385 CVE-2022-24409: Dell BSAFE SSL-J contains remediation for a covert timing channel vulnerability that may be exploite Dell BSAFE SSL-J contains remediation for a covert timing channel vulnerability that may be exploited by malicious users to compromise the affected system. Only customers with active BSAFE maintenance contracts can receive details about this vulnerability. Public disclosure of the vulnerability details will be shared at a later date.
cvelistv5nvd