{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-23689", "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "state": "PUBLISHED", "assignerShortName": "dell", "dateReserved": "2023-01-17T05:22:17.394Z", "datePublished": "2023-02-28T16:40:39.621Z", "dateUpdated": "2023-02-28T16:40:39.621Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["A200", "A2000", "H400", "H500", "H600", "H5600", "F800", "F810"], "product": "PowerScale OneFS", "vendor": "Dell", "versions": [{"status": "affected", "version": "9.5.0.x, 9.4.0.x, 9.3.0.x, 9.2.1.x, 9.2.0.x, 9.1.0.x, 9.0.0.x"}]}], "datePublic": "2023-02-28T06:30:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">Dell PowerScale nodes A200, A2000, H400, H500, H600, H5600, F800, F810 integrated hardware management software contains an uncontrolled resource consumption vulnerability. This may allow an unauthenticated network host to impair built-in hardware management functionality and trigger OneFS data protection mechanism causing a denial of service.</span>\n\n"}], "value": "\nDell PowerScale nodes A200, A2000, H400, H500, H600, H5600, F800, F810 integrated hardware management software contains an uncontrolled resource consumption vulnerability. This may allow an unauthenticated network host to impair built-in hardware management functionality and trigger OneFS data protection mechanism causing a denial of service.\n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-400", "description": "CWE-400: Uncontrolled Resource Consumption", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "shortName": "dell", "dateUpdated": "2023-02-28T16:40:39.621Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://www.dell.com/support/kbdoc/en-us/000209895/dell-emc-powerscale-onefs-security-updates-for-multiple-security"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:a200_firmware:9.0.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "FE29D0B5-8B9E-4315-9EF8-9A0C79CFB864", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:a200_firmware:9.1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "9B97A62A-9141-4110-9E63-286494BF8B50", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:a200_firmware:9.2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "2CF4F7E6-3CF2-462A-968E-652759AE28F7", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:a200_firmware:9.2.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "938CF757-C473-4762-A25C-196C7CF1ECE2", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:a200_firmware:9.3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "789DC83A-C655-4284-963B-9F11A0BD942F", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:a200_firmware:9.4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "88312C85-7160-4CF2-9076-066A76F74F6B", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:a200_firmware:9.5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "9C3C3DA1-469F-4DF2-930D-7CEC2EE23CFE", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:a200:-:*:*:*:*:*:*:*", "matchCriteriaId": "C65730FE-CEB1-44E3-B2C3-0F6563A5ADD1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:a2000_firmware:9.0.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "E895B354-D4B4-422E-BAAD-F92CED2D8CA5", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:a2000_firmware:9.1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C3074A2-5BAC-4325-A9FA-5289A6B423FA", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:a2000_firmware:9.2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "D33A1CCD-8AC8-491E-BEF2-419668B82CEE", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:a2000_firmware:9.2.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "5040740B-62EF-4CD2-9A27-B57B3F3DC226", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:a2000_firmware:9.3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "6715DF08-A7C3-4617-A4D1-631A3BE1F82A", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:a2000_firmware:9.4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "ADF36683-E350-4432-8812-089F29227A68", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:a2000_firmware:9.5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "0B237FAB-17C8-4ADA-B79A-9E3EB9E1C682", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:a2000:-:*:*:*:*:*:*:*", "matchCriteriaId": "27E6A822-E31C-4B2E-9B96-CB25E0E55444", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:h400_firmware:9.0.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "88CFB77A-E2EB-4608-9C91-3257CEDAEB10", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:h400_firmware:9.1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "EDAB45AC-DE75-4D37-8965-AE5D34A22EE9", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:h400_firmware:9.2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "79E99D60-BCAE-4B03-BF06-9AD76418FFC8", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:h400_firmware:9.2.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "45EA731C-448E-4B41-9CFB-FF38F15B6840", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:h400_firmware:9.3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "F014B415-D0A0-47D5-A34D-295A82FDA82B", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:h400_firmware:9.4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "530B5E84-07FD-4C1A-BF22-49A9179FFF85", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:h400_firmware:9.5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "1D79E132-DF3C-4AE5-8585-DEA5FDB1EFA6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:h400:-:*:*:*:*:*:*:*", "matchCriteriaId": "8C1328B5-65EE-42D2-B3DA-8E69F509971F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:h500_firmware:9.0.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "93E4D4C3-CF81-4E63-AEA0-475AE2E8F235", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:h500_firmware:9.1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "4DEE8B61-B18A-418A-9519-FF6F15EBF42E", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:h500_firmware:9.2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "07A7269C-C944-4F98-9FEC-1AFD7A600366", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:h500_firmware:9.2.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "37EC0FD6-4367-4402-A8FF-571664757B6D", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:h500_firmware:9.3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "CCD63BA6-A7FC-4B44-9148-E54BD25BCED9", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:h500_firmware:9.4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "D767F09C-E638-4E69-A476-0AE6C0A0D54B", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:h500_firmware:9.5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "5BB67BDE-AA33-45DE-B043-9F474F7F8951", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:h500:-:*:*:*:*:*:*:*", "matchCriteriaId": "D7A9A004-FC1C-41D1-BD93-90D1046CB81F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:h600_firmware:9.0.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "DAAE5794-C84F-4E80-B055-9F377731AC87", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:h600_firmware:9.1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "599CF350-9376-45A0-B65A-AE5588B536A1", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:h600_firmware:9.2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "7CB1C271-753A-4C7E-B960-EC0B1BDE0942", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:h600_firmware:9.2.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "15131A19-ED57-42BA-9599-FC58A39DEA9E", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:h600_firmware:9.3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "82036E65-E9C8-4397-BCC6-FB8890265744", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:h600_firmware:9.4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "A54784BD-B87F-4254-9FFE-83DF4A52A545", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:h600_firmware:9.5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "16C0D8FB-F434-444C-B8EB-0D1DB4E0AD00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:h600:-:*:*:*:*:*:*:*", "matchCriteriaId": "CB2D5E62-9649-4111-93C3-188A7845CF03", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:h5600_firmware:9.0.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "0B8C7422-7355-4E39-99D3-ED85A15ACD77", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:h5600_firmware:9.1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "E826FCE0-8A02-4074-947C-010630DE7544", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:h5600_firmware:9.2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "AAE1CEFC-5551-4D86-AF0F-11D3F52AB968", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:h5600_firmware:9.2.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "785BEFFD-A51B-433D-BD06-36F136A3EBFB", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:h5600_firmware:9.3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "B476F8F4-C955-421A-90D7-8BAE4C43E59E", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:h5600_firmware:9.4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "E75D388B-97BB-498E-9F46-098B3D7C484F", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:h5600_firmware:9.5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "69CB2FA7-459E-4276-A7F3-33E77F0BBABA", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:h5600:-:*:*:*:*:*:*:*", "matchCriteriaId": "FC05FCFD-D05D-45D5-9FD6-152DF3CEB273", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:f800_firmware:9.0.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "F25FDFDF-7D1F-4470-9AB8-E53273768C09", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:f800_firmware:9.1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "4B88E9A9-A071-4453-B2C0-536B65608206", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:f800_firmware:9.2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "B1A40208-4C8D-44E1-A3BA-23E6A772D6EA", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:f800_firmware:9.2.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "57A266F7-3BDB-4495-BF80-0E2380BF8CCC", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:f800_firmware:9.3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "5E15CC67-D8CB-4AFB-BCFA-AA7849331A77", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:f800_firmware:9.4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "C963B6F2-8708-48B4-ACE8-09B65702AC9E", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:f800_firmware:9.5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "DBF569C5-8494-4A70-B128-508B51B10B48", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:f800:-:*:*:*:*:*:*:*", "matchCriteriaId": "3FF35AAF-9201-4B28-AEAB-0731EB15690D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:f810_firmware:9.0.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3302BD9A-75D3-4AB6-A827-F442A86570DC", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:f810_firmware:9.1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "658416B1-8E38-45A7-8872-FBD1D5F9F890", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:f810_firmware:9.2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "D82EA4B0-6139-463E-A4BA-01ACE11ADB0A", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:f810_firmware:9.2.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "5E2666D7-C2E4-48D7-B76D-D282090648C3", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:f810_firmware:9.3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "01F33730-BC1A-4E2B-9E92-6A038E9489B3", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:f810_firmware:9.4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "D5D54960-EE50-49F5-BA6E-22B324A7D393", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:f810_firmware:9.5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "15930676-6E85-408C-B793-E15DFDB3EADA", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:f810:-:*:*:*:*:*:*:*", "matchCriteriaId": "228CF091-BC4F-427A-84ED-013D7455244F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "\nDell PowerScale nodes A200, A2000, H400, H500, H600, H5600, F800, F810 integrated hardware management software contains an uncontrolled resource consumption vulnerability. This may allow an unauthenticated network host to impair built-in hardware management functionality and trigger OneFS data protection mechanism causing a denial of service.\n\n"}], "id": "CVE-2023-23689", "lastModified": "2023-11-07T04:07:52.097", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security_alert@emc.com", "type": "Secondary"}]}, "published": "2023-02-28T17:15:11.200", "references": [{"source": "security_alert@emc.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.dell.com/support/kbdoc/en-us/000209895/dell-emc-powerscale-onefs-security-updates-for-multiple-security"}], "sourceIdentifier": "security_alert@emc.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-400"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-400"}], "source": "security_alert@emc.com", "type": "Secondary"}]}

{}