Vulnerability-Lookup - Search a vulnerability

All the vulnerabilites related to dell - poweredge_m640_\(for_pe_vrtx\)

cve-2024-38303

Vulnerability from cvelistv5

Published

2024-08-29 04:34

Modified

2024-08-29 13:49

Severity ?

5.3 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

Summary

Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Improper Input Validation vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.

References

▼	URL	Tags
	https://www.dell.com/support/kbdoc/en-us/000228135/dsa-2024-309-security-update-for-dell-poweredge-server-for-improper-input-validation-vulnerability	vendor-advisory

Impacted products

Vendor

Product

Version

▼

Dell

PowerEdge Platform

Version: N/A ≤
Version: N/A ≤

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-38303",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-29T13:49:25.085284Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-29T13:49:36.661Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "PowerEdge Platform",
          "vendor": "Dell",
          "versions": [
            {
              "lessThan": "2.22.1",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "2.22.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Dell would like to thank codebreaker1337 for reporting this issue."
        }
      ],
      "datePublic": "2024-08-28T06:30:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Improper Input Validation vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure."
            }
          ],
          "value": "Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Improper Input Validation vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-29T04:34:53.178Z",
        "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "shortName": "dell"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.dell.com/support/kbdoc/en-us/000228135/dsa-2024-309-security-update-for-dell-poweredge-server-for-improper-input-validation-vulnerability"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
    "assignerShortName": "dell",
    "cveId": "CVE-2024-38303",
    "datePublished": "2024-08-29T04:34:53.178Z",
    "dateReserved": "2024-06-13T14:41:01.527Z",
    "dateUpdated": "2024-08-29T13:49:36.661Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-38304

Vulnerability from cvelistv5

Published

2024-08-29 08:03

Modified

2024-08-29 13:28

Severity ?

3.8 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N

Summary

Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.

References

▼	URL	Tags
	https://www.dell.com/support/kbdoc/en-us/000228137/dsa-2024-310-security-update-for-dell-poweredge-server-for-access-of-memory-location-after-end-of-buffer-vulnerability	vendor-advisory

Impacted products

Vendor

Product

Version

▼

Dell

PowerEdge Platform

Version: N/A ≤
Version: N/A ≤

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-38304",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-29T13:28:25.124614Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-29T13:28:35.429Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "PowerEdge Platform",
          "vendor": "Dell",
          "versions": [
            {
              "lessThan": "2.22.1",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            },
            {
              "lessThan": "2.22.0",
              "status": "affected",
              "version": "N/A",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Dell would like to thank codebreaker1337 for reporting this issue."
        }
      ],
      "datePublic": "2024-08-28T06:30:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure."
            }
          ],
          "value": "Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.8,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-788",
              "description": "CWE-788: Access of Memory Location After End of Buffer",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-29T08:03:40.261Z",
        "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "shortName": "dell"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.dell.com/support/kbdoc/en-us/000228137/dsa-2024-310-security-update-for-dell-poweredge-server-for-access-of-memory-location-after-end-of-buffer-vulnerability"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
    "assignerShortName": "dell",
    "cveId": "CVE-2024-38304",
    "datePublished": "2024-08-29T08:03:40.261Z",
    "dateReserved": "2024-06-13T14:41:01.527Z",
    "dateUpdated": "2024-08-29T13:28:35.429Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd

Published

2024-08-29 11:15

Modified

2024-12-20 14:41

Severity ?

3.8 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Summary

References

▼	URL	Tags
	security_alert@emc.com	https://www.dell.com/support/kbdoc/en-us/000228137/dsa-2024-310-security-update-for-dell-poweredge-server-for-access-of-memory-location-after-end-of-buffer-vulnerability	Vendor Advisory

Impacted products

Vendor	Product	Version
dell	emc_xc_core_xcxr2_firmware	*
dell	emc_xc_core_xcxr2	-
dell	emc_xc_core_xc940_system_firmware	*
dell	emc_xc_core_xc940_system	-
dell	emc_xc_core_xc740xd2_firmware	*
dell	emc_xc_core_xc740xd2	-
dell	emc_xc_core_xc740xd_system_firmware	*
dell	emc_xc_core_xc740xd_system	-
dell	emc_xc_core_xc640_system_firmware	*
dell	emc_xc_core_xc640_system	-
dell	emc_xc_core_6420_system_firmware	*
dell	emc_xc_core_6420_system	-
dell	emc_storage_nx3340_firmware	*
dell	emc_storage_nx3340	-
dell	emc_storage_nx3240_firmware	*
dell	emc_storage_nx3240	-
dell	poweredge_xe7440_firmware	*
dell	poweredge_xe7440	-
dell	poweredge_xe7420_firmware	*
dell	poweredge_xe7420	-
dell	poweredge_xe2420_firmware	*
dell	poweredge_xe2420	-
dell	dss_8440_firmware	*
dell	dss_8440	-
dell	poweredge_c4140_firmware	*
dell	poweredge_c4140	-
dell	poweredge_mx840c_firmware	*
dell	poweredge_mx840c	-
dell	poweredge_mx740c_firmware	*
dell	poweredge_mx740c	-
dell	poweredge_m640_\(for_pe_vrtx\)_firmware	*
dell	poweredge_m640_\(for_pe_vrtx\)	-
dell	poweredge_m640_firmware	*
dell	poweredge_m640	-
dell	poweredge_fc640_firmware	*
dell	poweredge_fc640	-
dell	poweredge_c6420_firmware	*
dell	poweredge_c6420	-
dell	poweredge_t640_firmware	*
dell	poweredge_t640	-
dell	poweredge_r940xa_firmware	*
dell	poweredge_r940xa	-
dell	poweredge_r840_firmware	*
dell	poweredge_r840	-
dell	poweredge_r740xd2_firmware	*
dell	poweredge_r740xd2	-
dell	poweredge_xr2_firmware	*
dell	poweredge_xr2	-
dell	poweredge_t440_firmware	*
dell	poweredge_t440	-
dell	poweredge_r440_firmware	*
dell	poweredge_r440	-
dell	poweredge_r540_firmware	*
dell	poweredge_r540	-
dell	poweredge_r940_firmware	*
dell	poweredge_r940	-
dell	poweredge_r640_firmware	*
dell	poweredge_r640	-
dell	poweredge_r740xd_firmware	*
dell	poweredge_r740xd	-
dell	poweredge_r740_firmware	*
dell	poweredge_r740	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:emc_xc_core_xcxr2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9422F204-CC53-42AD-AE7D-2ABA8B77D6EB",
              "versionEndExcluding": "2.22.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:emc_xc_core_xcxr2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF8CC72-C32F-476D-86D3-CFF022185D76",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:emc_xc_core_xc940_system_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "58B9D50B-F714-4D09-8FFA-6F17D0E2CAB9",
              "versionEndExcluding": "2.22.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:emc_xc_core_xc940_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FF8BE36-E551-48E1-B7EF-0BC9FE85645F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:emc_xc_core_xc740xd2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2760DD11-23AA-408B-886F-7F680DAB6883",
              "versionEndExcluding": "2.22.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:emc_xc_core_xc740xd2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0127228B-FBC4-4C66-AFA1-749C151F79C5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:emc_xc_core_xc740xd_system_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "115C48E2-BEC8-4BBF-B8A7-C7F22C02718E",
              "versionEndExcluding": "2.22.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:emc_xc_core_xc740xd_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3C19A67-F880-495B-BDB2-8371BD9CA9F7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:emc_xc_core_xc640_system_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A35F1DBD-96B3-415F-BDDB-23C2CB038870",
              "versionEndExcluding": "2.22.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:emc_xc_core_xc640_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A687A731-32FF-4FCF-BCAD-56B8AE59C3A7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:emc_xc_core_6420_system_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE8B52C5-C718-4A2B-99B3-A20D6D70DF83",
              "versionEndExcluding": "2.22.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:emc_xc_core_6420_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D991914F-E199-4E0F-8159-C1A9F254B201",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:emc_storage_nx3340_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A21E30F3-0922-4001-B34C-2D9DA30F6C94",
              "versionEndExcluding": "2.22.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:emc_storage_nx3340:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "66F375D2-85E4-4994-AE90-99D25A50F9AD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:emc_storage_nx3240_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCF6F72F-BF85-45B8-95F7-9B35F5872446",
              "versionEndExcluding": "2.22.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:emc_storage_nx3240:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFCDCB3C-4995-4211-8592-3D7F94098A26",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_xe7440_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3917FB0-E024-40CC-8A50-111717078657",
              "versionEndExcluding": "2.22.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_xe7440:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB265071-7294-4317-A854-0D90844CDC17",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_xe7420_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C67CF5FC-992D-4682-BC65-973535CF34D0",
              "versionEndExcluding": "2.22.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_xe7420:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB402EFE-DEFF-40D1-B1C8-8A7D6923669E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_xe2420_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A2870A9-6950-4699-80EA-D3869F9FC362",
              "versionEndExcluding": "2.22.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_xe2420:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "30D12E41-8F03-435C-B137-CD3465923E5C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:dss_8440_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DF94051-33DA-4328-9C08-DD8FD8750187",
              "versionEndExcluding": "2.22.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:dss_8440:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "239C2103-C4BB-4C6A-8E09-C6F7D52024D3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_c4140_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9269B40-9256-427A-802A-7018EFF7B118",
              "versionEndExcluding": "2.22.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_c4140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9ACC9B8-C046-4304-BA58-7D6D7945BE95",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_mx840c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEC44355-9774-4A3A-9925-A8FB0939CB75",
              "versionEndExcluding": "2.22.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_mx840c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4305D0F-CB59-49D5-8D21-8ECC3342C36C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_mx740c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D110671-78CB-4FBE-94D6-C682F79F3A48",
              "versionEndExcluding": "2.22.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_mx740c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "757039D5-60B9-40B0-B719-38E27409BDDE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_m640_\\(for_pe_vrtx\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4357270-0F3F-4F55-B4B3-8B7343536C9D",
              "versionEndExcluding": "2.22.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_m640_\\(for_pe_vrtx\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CC31749-2B2C-42C4-AF50-A6E2354A99C8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_m640_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9F22775-1E65-412D-A8DF-57B0E79A0BC7",
              "versionEndExcluding": "2.22.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_m640:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F8B50A1-577F-451E-8D03-C8A6A78000DC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_fc640_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D880CB92-4452-421A-9EB8-77104D835D9F",
              "versionEndExcluding": "2.22.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_fc640:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9C59D4B-1122-4782-A686-559E7DF8C3C9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_c6420_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACCFE436-0DF3-4373-B630-39FF5F60E87F",
              "versionEndExcluding": "2.22.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_c6420:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "027D86DE-076F-4CE9-9DE9-E6976C655E8F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_t640_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D171813-C2A2-47EF-B97D-922AF36A9389",
              "versionEndExcluding": "2.22.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_t640:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DEC0235-DDA1-4EE4-B3F8-512F1B29AFC6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_r940xa_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB9DA2A4-227B-4280-A63C-CEE27814A7CE",
              "versionEndExcluding": "2.22.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_r940xa:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D143853-3D62-4AD7-B899-F726036A34D2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_r840_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "99AC63E2-0A92-4ED8-BD31-06A9793FDAC3",
              "versionEndExcluding": "2.22.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_r840:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E058B9C6-CD1C-42F5-8781-05450254E9E5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_r740xd2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C00D4860-3230-459A-A80B-56DBE8DED96B",
              "versionEndExcluding": "2.22.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_r740xd2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5395D3F-58D4-49F9-AA2F-0D5C6D8C4651",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_xr2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E5D3362-19FC-44C2-A939-576ECC795152",
              "versionEndExcluding": "2.22.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_xr2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "88EC4390-C39F-4E56-9631-B8A22986690D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_t440_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA362A72-0CEB-4357-8475-F6CC922F3F49",
              "versionEndExcluding": "2.22.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_t440:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "28F97F1A-B41E-4CC5-B668-8C194CE2C29E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_r440_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CDDB18A-5A3C-4DA6-91B1-4AF578D87AA8",
              "versionEndExcluding": "2.22.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_r440:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC3957E-791A-4052-A9C4-F3ECBD746E37",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_r540_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "80942AC6-AF8E-4313-9A6E-D73A8BF41A64",
              "versionEndExcluding": "2.22.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_r540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "73B27F54-3CE3-4A5F-BBA1-2C6ED5316B47",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_r940_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C019A625-3642-41C7-9DF4-72B124036AAB",
              "versionEndExcluding": "2.22.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_r940:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B581E1DE-4E94-49E5-B5CF-2A94B2570708",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_r640_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2F4E39A-0FD8-4C21-9FDD-9F2F778FE9FA",
              "versionEndExcluding": "2.22.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_r640:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "81416C16-D7FA-4165-BB0E-6458A4EA5AEE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_r740xd_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF2A848F-5F25-4FF5-8DD6-65D3DC0F5959",
              "versionEndExcluding": "2.22.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_r740xd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "868ECD3F-77CD-4F5D-86E5-61689E4C5BA0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_r740_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF25A82C-5B44-41D5-88B6-82C5B6D22CF2",
              "versionEndExcluding": "2.22.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_r740:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE562535-3D9B-4A82-AC0D-6A2225E63E8D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure."
    },
    {
      "lang": "es",
      "value": " Dell PowerEdge Platform, versi\u00f3n de BIOS de Intel 14G anterior a 2.22.x, contiene una vulnerabilidad de acceso a la ubicaci\u00f3n de memoria despu\u00e9s del final del b\u00fafer. Un atacante con privilegios reducidos y acceso local podr\u00eda aprovechar esta vulnerabilidad, lo que provocar\u00eda la divulgaci\u00f3n de informaci\u00f3n."
    }
  ],
  "id": "CVE-2024-38304",
  "lastModified": "2024-12-20T14:41:01.273",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 3.8,
          "baseSeverity": "LOW",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.0,
        "impactScore": 1.4,
        "source": "security_alert@emc.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.0,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-08-29T11:15:26.187",
  "references": [
    {
      "source": "security_alert@emc.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.dell.com/support/kbdoc/en-us/000228137/dsa-2024-310-security-update-for-dell-poweredge-server-for-access-of-memory-location-after-end-of-buffer-vulnerability"
    }
  ],
  "sourceIdentifier": "security_alert@emc.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-788"
        }
      ],
      "source": "security_alert@emc.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-08-29 11:15

Modified

2024-12-20 14:40

Severity ?

5.3 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

Summary

References

▼	URL	Tags
	security_alert@emc.com	https://www.dell.com/support/kbdoc/en-us/000228135/dsa-2024-309-security-update-for-dell-poweredge-server-for-improper-input-validation-vulnerability	Vendor Advisory

Impacted products

Vendor	Product	Version
dell	emc_xc_core_xcxr2_firmware	*
dell	emc_xc_core_xcxr2	-
dell	emc_xc_core_xc940_system_firmware	*
dell	emc_xc_core_xc940_system	-
dell	emc_xc_core_xc740xd2_firmware	*
dell	emc_xc_core_xc740xd2	-
dell	emc_xc_core_xc740xd_system_firmware	*
dell	emc_xc_core_xc740xd_system	-
dell	emc_xc_core_xc640_system_firmware	*
dell	emc_xc_core_xc640_system	-
dell	emc_xc_core_6420_system_firmware	*
dell	emc_xc_core_6420_system	-
dell	emc_storage_nx3340_firmware	*
dell	emc_storage_nx3340	-
dell	emc_storage_nx3240_firmware	*
dell	emc_storage_nx3240	-
dell	poweredge_xe7440_firmware	*
dell	poweredge_xe7440	-
dell	poweredge_xe7420_firmware	*
dell	poweredge_xe7420	-
dell	poweredge_xe2420_firmware	*
dell	poweredge_xe2420	-
dell	dss_8440_firmware	*
dell	dss_8440	-
dell	poweredge_c4140_firmware	*
dell	poweredge_c4140	-
dell	poweredge_mx840c_firmware	*
dell	poweredge_mx840c	-
dell	poweredge_mx740c_firmware	*
dell	poweredge_mx740c	-
dell	poweredge_m640_\(for_pe_vrtx\)_firmware	*
dell	poweredge_m640_\(for_pe_vrtx\)	-
dell	poweredge_m640_firmware	*
dell	poweredge_m640	-
dell	poweredge_fc640_firmware	*
dell	poweredge_fc640	-
dell	poweredge_c6420_firmware	*
dell	poweredge_c6420	-
dell	poweredge_t640_firmware	*
dell	poweredge_t640	-
dell	poweredge_r940xa_firmware	*
dell	poweredge_r940xa	-
dell	poweredge_r840_firmware	*
dell	poweredge_r840	-
dell	poweredge_r740xd2_firmware	*
dell	poweredge_r740xd2	-
dell	poweredge_xr2_firmware	*
dell	poweredge_xr2	-
dell	poweredge_t440_firmware	*
dell	poweredge_t440	-
dell	poweredge_r440_firmware	*
dell	poweredge_r440	-
dell	poweredge_r540_firmware	*
dell	poweredge_r540	-
dell	poweredge_r940_firmware	*
dell	poweredge_r940	-
dell	poweredge_r640_firmware	*
dell	poweredge_r640	-
dell	poweredge_r740xd_firmware	*
dell	poweredge_r740xd	-
dell	poweredge_r740_firmware	*
dell	poweredge_r740	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:emc_xc_core_xcxr2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9422F204-CC53-42AD-AE7D-2ABA8B77D6EB",
              "versionEndExcluding": "2.22.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:emc_xc_core_xcxr2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF8CC72-C32F-476D-86D3-CFF022185D76",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:emc_xc_core_xc940_system_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "58B9D50B-F714-4D09-8FFA-6F17D0E2CAB9",
              "versionEndExcluding": "2.22.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:emc_xc_core_xc940_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FF8BE36-E551-48E1-B7EF-0BC9FE85645F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:emc_xc_core_xc740xd2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2760DD11-23AA-408B-886F-7F680DAB6883",
              "versionEndExcluding": "2.22.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:emc_xc_core_xc740xd2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0127228B-FBC4-4C66-AFA1-749C151F79C5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:emc_xc_core_xc740xd_system_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "115C48E2-BEC8-4BBF-B8A7-C7F22C02718E",
              "versionEndExcluding": "2.22.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:emc_xc_core_xc740xd_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3C19A67-F880-495B-BDB2-8371BD9CA9F7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:emc_xc_core_xc640_system_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A35F1DBD-96B3-415F-BDDB-23C2CB038870",
              "versionEndExcluding": "2.22.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:emc_xc_core_xc640_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A687A731-32FF-4FCF-BCAD-56B8AE59C3A7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:emc_xc_core_6420_system_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE8B52C5-C718-4A2B-99B3-A20D6D70DF83",
              "versionEndExcluding": "2.22.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:emc_xc_core_6420_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D991914F-E199-4E0F-8159-C1A9F254B201",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:emc_storage_nx3340_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A21E30F3-0922-4001-B34C-2D9DA30F6C94",
              "versionEndExcluding": "2.22.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:emc_storage_nx3340:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "66F375D2-85E4-4994-AE90-99D25A50F9AD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:emc_storage_nx3240_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCF6F72F-BF85-45B8-95F7-9B35F5872446",
              "versionEndExcluding": "2.22.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:emc_storage_nx3240:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFCDCB3C-4995-4211-8592-3D7F94098A26",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_xe7440_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3917FB0-E024-40CC-8A50-111717078657",
              "versionEndExcluding": "2.22.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_xe7440:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB265071-7294-4317-A854-0D90844CDC17",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_xe7420_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C67CF5FC-992D-4682-BC65-973535CF34D0",
              "versionEndExcluding": "2.22.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_xe7420:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB402EFE-DEFF-40D1-B1C8-8A7D6923669E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_xe2420_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A2870A9-6950-4699-80EA-D3869F9FC362",
              "versionEndExcluding": "2.22.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_xe2420:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "30D12E41-8F03-435C-B137-CD3465923E5C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:dss_8440_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DF94051-33DA-4328-9C08-DD8FD8750187",
              "versionEndExcluding": "2.22.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:dss_8440:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "239C2103-C4BB-4C6A-8E09-C6F7D52024D3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_c4140_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9269B40-9256-427A-802A-7018EFF7B118",
              "versionEndExcluding": "2.22.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_c4140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9ACC9B8-C046-4304-BA58-7D6D7945BE95",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_mx840c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEC44355-9774-4A3A-9925-A8FB0939CB75",
              "versionEndExcluding": "2.22.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_mx840c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4305D0F-CB59-49D5-8D21-8ECC3342C36C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_mx740c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D110671-78CB-4FBE-94D6-C682F79F3A48",
              "versionEndExcluding": "2.22.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_mx740c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "757039D5-60B9-40B0-B719-38E27409BDDE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_m640_\\(for_pe_vrtx\\)_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4357270-0F3F-4F55-B4B3-8B7343536C9D",
              "versionEndExcluding": "2.22.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_m640_\\(for_pe_vrtx\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CC31749-2B2C-42C4-AF50-A6E2354A99C8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_m640_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9F22775-1E65-412D-A8DF-57B0E79A0BC7",
              "versionEndExcluding": "2.22.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_m640:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F8B50A1-577F-451E-8D03-C8A6A78000DC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_fc640_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D880CB92-4452-421A-9EB8-77104D835D9F",
              "versionEndExcluding": "2.22.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_fc640:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9C59D4B-1122-4782-A686-559E7DF8C3C9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_c6420_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACCFE436-0DF3-4373-B630-39FF5F60E87F",
              "versionEndExcluding": "2.22.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_c6420:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "027D86DE-076F-4CE9-9DE9-E6976C655E8F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_t640_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D171813-C2A2-47EF-B97D-922AF36A9389",
              "versionEndExcluding": "2.22.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_t640:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DEC0235-DDA1-4EE4-B3F8-512F1B29AFC6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_r940xa_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB9DA2A4-227B-4280-A63C-CEE27814A7CE",
              "versionEndExcluding": "2.22.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_r940xa:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D143853-3D62-4AD7-B899-F726036A34D2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_r840_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "99AC63E2-0A92-4ED8-BD31-06A9793FDAC3",
              "versionEndExcluding": "2.22.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_r840:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E058B9C6-CD1C-42F5-8781-05450254E9E5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_r740xd2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C00D4860-3230-459A-A80B-56DBE8DED96B",
              "versionEndExcluding": "2.22.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_r740xd2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5395D3F-58D4-49F9-AA2F-0D5C6D8C4651",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_xr2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E5D3362-19FC-44C2-A939-576ECC795152",
              "versionEndExcluding": "2.22.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_xr2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "88EC4390-C39F-4E56-9631-B8A22986690D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_t440_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA362A72-0CEB-4357-8475-F6CC922F3F49",
              "versionEndExcluding": "2.22.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_t440:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "28F97F1A-B41E-4CC5-B668-8C194CE2C29E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_r440_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CDDB18A-5A3C-4DA6-91B1-4AF578D87AA8",
              "versionEndExcluding": "2.22.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_r440:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC3957E-791A-4052-A9C4-F3ECBD746E37",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_r540_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "80942AC6-AF8E-4313-9A6E-D73A8BF41A64",
              "versionEndExcluding": "2.22.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_r540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "73B27F54-3CE3-4A5F-BBA1-2C6ED5316B47",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_r940_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C019A625-3642-41C7-9DF4-72B124036AAB",
              "versionEndExcluding": "2.22.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_r940:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B581E1DE-4E94-49E5-B5CF-2A94B2570708",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_r640_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2F4E39A-0FD8-4C21-9FDD-9F2F778FE9FA",
              "versionEndExcluding": "2.22.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_r640:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "81416C16-D7FA-4165-BB0E-6458A4EA5AEE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_r740xd_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF2A848F-5F25-4FF5-8DD6-65D3DC0F5959",
              "versionEndExcluding": "2.22.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_r740xd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "868ECD3F-77CD-4F5D-86E5-61689E4C5BA0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:poweredge_r740_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF25A82C-5B44-41D5-88B6-82C5B6D22CF2",
              "versionEndExcluding": "2.22.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:poweredge_r740:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE562535-3D9B-4A82-AC0D-6A2225E63E8D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Improper Input Validation vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure."
    },
    {
      "lang": "es",
      "value": "Dell PowerEdge Platform, versi\u00f3n 14G Intel BIOS anterior a 2.22.x, contiene una vulnerabilidad de validaci\u00f3n de entrada incorrecta. Un atacante con privilegios elevados y acceso local podr\u00eda aprovechar esta vulnerabilidad, lo que provocar\u00eda la divulgaci\u00f3n de informaci\u00f3n."
    }
  ],
  "id": "CVE-2024-38303",
  "lastModified": "2024-12-20T14:40:09.410",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 4.0,
        "source": "security_alert@emc.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 6.0,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.5,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-08-29T11:15:25.970",
  "references": [
    {
      "source": "security_alert@emc.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.dell.com/support/kbdoc/en-us/000228135/dsa-2024-309-security-update-for-dell-poweredge-server-for-improper-input-validation-vulnerability"
    }
  ],
  "sourceIdentifier": "security_alert@emc.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "security_alert@emc.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}