FKIE_CVE-2024-22453
Vulnerability from fkie_nvd - Published: 2024-03-19 08:15 - Updated: 2025-02-04 17:31
Severity ?
7.2 (High) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:H
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
Summary
Dell PowerEdge Server BIOS contains a heap-based buffer overflow vulnerability. A local high privileged attacker could potentially exploit this vulnerability to write to otherwise unauthorized memory.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:poweredge_r730_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA86EFE-D74A-4FAF-AC9A-633727D72576",
"versionEndExcluding": "2.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:poweredge_r730:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F2D8095-BFAD-4A4C-92EF-5C27AC5860FC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:poweredge_r730xd_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F86999EA-7EED-4463-8CF3-53A4F1A4E68F",
"versionEndExcluding": "2.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:poweredge_r730xd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F20FC968-9159-4514-9001-B6E14AAC9BB4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:poweredge_r630_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A95501F-9CB4-4758-90FB-7993C5B8479F",
"versionEndExcluding": "2.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:poweredge_r630:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3889B4D3-0B99-44AC-B732-809F7652C9D2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:poweredge_c4130_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "373FCE8C-3C8D-4698-9888-98C65E6D7C01",
"versionEndExcluding": "2.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:poweredge_c4130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89E0CC72-B046-4F7C-B7FD-E8E0995C0333",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:poweredge_r930_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A2C8BFD-3874-4912-8EC1-98647E3D0C9D",
"versionEndExcluding": "2.14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:poweredge_r930:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1669BF88-F4AC-4166-B657-A5E0EB95F206",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:poweredge_m630_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7BB719C-00D7-4C78-BB42-329BE0420309",
"versionEndExcluding": "2.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:poweredge_m630:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05ABA114-D098-48D2-9E0F-E021D82F08B2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:poweredge_m630_\\(pe_vrtx\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D42919E5-52CF-44A1-B4FD-A5B9799211E1",
"versionEndExcluding": "2.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:poweredge_m630_\\(pe_vrtx\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "D90D2E26-AD95-4284-9007-50A60364A34C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:poweredge_fc630_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9CB9AD96-DE95-4F41-98A1-C27F41123BD2",
"versionEndExcluding": "2.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:poweredge_fc630:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E5481DE-457C-44D4-A3FE-10DB525699E3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:poweredge_fc430_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "077D28F0-6748-4F82-982F-753F998427A6",
"versionEndExcluding": "2.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:poweredge_fc430:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1C272E6-7D78-433C-B668-EF0E810CC5BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:poweredge_m830_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "790AB221-887C-44BB-9819-895266CC966B",
"versionEndExcluding": "2.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:poweredge_m830:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3BE9AB9-8093-437E-9BF6-8BA0D5ECC7D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:poweredge_m830_\\(pe_vrtx\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6C2E7166-A7C5-477E-B9DB-6E23B4D79FC4",
"versionEndExcluding": "2.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:poweredge_m830_\\(pe_vrtx\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4FDBF0-B9FE-4A7C-93B7-FF9E0E63B424",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:poweredge_fc830_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9DA2898A-EC3A-4D35-B8EB-6CF9E346CFFE",
"versionEndExcluding": "2.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:poweredge_fc830:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C060A4FA-B524-497C-AC27-3256ED048DF7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:poweredge_t630_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB9F2BE0-F283-472F-A583-6B9283E4A529",
"versionEndExcluding": "2.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:poweredge_t630:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F2B4062-E672-4F04-AA58-769DC546DA10",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:poweredge_r530_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E28BABF-8EE2-4ED0-8341-329FE56E34BF",
"versionEndExcluding": "2.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:poweredge_r530:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1ECA70D5-0884-4B74-92C0-DFBC8454FDAD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:poweredge_r430_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8082BDB-1AC5-45B2-949B-1B5B8DD6126B",
"versionEndExcluding": "2.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:poweredge_r430:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8EFF354-4534-480D-B52E-5FA575659E77",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:poweredge_t430_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2931E08C-E557-4E30-9A3B-81AA9CE1056E",
"versionEndExcluding": "2.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:poweredge_t430:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B326C0B3-8CDF-4451-8B59-6E6EA3F1AB76",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:poweredge_r830_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06131E42-6E13-4C93-BEA3-A3073AF05A17",
"versionEndExcluding": "1.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:poweredge_r830:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFD80313-F625-40DE-82CC-15EBD2747991",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:poweredge_c6320_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D55DF536-984E-4BE6-A9E5-613CDAAD8171",
"versionEndExcluding": "2.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:poweredge_c6320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB62B772-0492-490F-B971-93854DFD0CE0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:nx3230_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5945E528-0ECE-4C0F-9D6D-FC0FA8BCBC37",
"versionEndExcluding": "2.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:nx3230:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24D0E8F8-4EEB-4A1E-B853-3704140A86B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:nx3330_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A372313B-02BA-4B1F-B0FB-175D4DCEFF58",
"versionEndExcluding": "2.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:nx3330:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9428F53B-5740-4E8F-8569-ECE6CA4C137F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:xc6320_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5CE9E93-A46D-40E3-B115-237BA73D91E2",
"versionEndExcluding": "2.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:xc6320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93911F86-8562-43A9-8DCC-34482CD1233A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:xc430_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5D20DBEE-30BF-4CD7-8E52-966851D54215",
"versionEndExcluding": "2.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:xc430:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A999FC9-150A-472C-8B57-5E41D43B6BEC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:xc630_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01B3B015-74E9-4A61-AEA4-A322FDC28445",
"versionEndExcluding": "2.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:xc630:-:*:*:*:*:*:*:*",
"matchCriteriaId": "48F88DD5-EE82-467E-9E19-88C7829EE1CB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:xc730_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A328429-B728-4DB6-9E33-8B4986537A35",
"versionEndExcluding": "2.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:xc730:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1D48B26-84DE-477D-9220-B600938ED14B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:xc730xd_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE4346FD-76DD-4ABD-8820-3456DDEB5FD1",
"versionEndExcluding": "2.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:xc730xd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "193DEB94-B27C-4038-A544-3CCC35FBCEA5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Dell PowerEdge Server BIOS contains a heap-based buffer overflow vulnerability. A local high privileged attacker could potentially exploit this vulnerability to write to otherwise unauthorized memory."
},
{
"lang": "es",
"value": "El BIOS del servidor Dell PowerEdge contiene una vulnerabilidad de desbordamiento de b\u00fafer de almacenamiento din\u00e1mico. Un atacante local con privilegios elevados podr\u00eda explotar esta vulnerabilidad para escribir en una memoria que de otro modo no estar\u00eda autorizada."
}
],
"id": "CVE-2024-22453",
"lastModified": "2025-02-04T17:31:14.817",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.8,
"source": "security_alert@emc.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-03-19T08:15:06.480",
"references": [
{
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000223209/dsa-2024-105-security-update-for-dell-poweredge-server-bios-for-a-heap-based-buffer-overflow-vulnerability"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000223209/dsa-2024-105-security-update-for-dell-poweredge-server-bios-for-a-heap-based-buffer-overflow-vulnerability"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-122"
}
],
"source": "security_alert@emc.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…