CVE-2023-39250
Last modified
CVE-2023-39250 is a medium-severity vulnerability rated 5.5/10 on the CVSS scale. Dell Storage Integration Tools for VMware (DSITV) and Dell Storage vSphere Client Plugin (DSVCP) versions prior to 6.1.1 and Replay Manager for VMware (RMSV) versions prior to 3.1.2 contain an information disclosure vulnerability. A local low-privileged malicious user could potentially exploit this vulnerability to retrieve an encryption key that could aid in further attacks. EPSS estimates a 0.14% chance of exploitation in the next 30 days.
Description
Dell Storage Integration Tools for VMware (DSITV) and Dell Storage vSphere Client Plugin (DSVCP) versions prior to 6.1.1 and Replay Manager for VMware (RMSV) versions prior to 3.1.2 contain an information disclosure vulnerability. A local low-privileged malicious user could potentially exploit this vulnerability to retrieve an encryption key that could aid in further attacks.
Metrics
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Dell | Replay Manager For Vmware | < 3.1.2 |
| Dell | Storage Integration Tools For Vmware | < 6.1.1 |
| Dell | Storage Vsphere Client Plugin | < 6.1.1 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2023-39250?
How severe is CVE-2023-39250?
How do I fix CVE-2023-39250?
Are you affected by CVE-2023-39250?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST