CVE-2023-44297

Dell PowerEdge platforms 16G Intel E5 BIOS and Dell Precision BIOS, version 1.4.4, contain active debug code security vulnerability. An unauthenticated physical attacker could potentially exploit this vulnerability, leading to information disclosure, information tampering, code execution, denial of service.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:dell:poweredge_r660_firmware:1.4.4:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_r660:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:dell:poweredge_r760_firmware:1.4.4:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_r760:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:dell:poweredge_c6620_firmware:1.4.4:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_c6620:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:dell:poweredge_mx760c_firmware:1.4.4:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_mx760c:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:dell:poweredge_r860_firmware:1.4.4:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_r860:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:dell:poweredge_r960_firmware:1.4.4:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_r960:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:dell:poweredge_hs5610_firmware:1.4.4:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_hs5610:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:dell:poweredge_hs5620_firmware:1.4.4:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_hs5620:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:dell:poweredge_r660xs_firmware:1.4.4:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_r660xs:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:dell:poweredge_r760xs_firmware:1.4.4:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_r760xs:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:dell:poweredge_r760xd2_firmware:1.4.4:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_r760xd2:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:dell:poweredge_t560_firmware:1.4.4:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_t560:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:dell:poweredge_r760xa_firmware:1.4.4:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_r760xa:-:*:*:*:*:*:*:*

History

21 Nov 2024, 08:25

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 6.8
v2 : unknown
v3 : 7.1
References () https://www.dell.com/support/kbdoc/en-us/000220047/dsa-2023-429-security-update-for-dell-16g-poweredge-server-bios-for-a-debug-code-security-vulnerability - Vendor Advisory () https://www.dell.com/support/kbdoc/en-us/000220047/dsa-2023-429-security-update-for-dell-16g-poweredge-server-bios-for-a-debug-code-security-vulnerability - Vendor Advisory

12 Dec 2023, 00:55

Type Values Removed Values Added
First Time Dell poweredge R760xd2 Firmware
Dell poweredge Mx760c Firmware
Dell poweredge Hs5620
Dell poweredge R960
Dell poweredge T560
Dell poweredge R860
Dell poweredge Mx760c
Dell poweredge R760xs Firmware
Dell poweredge R760xa Firmware
Dell poweredge C6620
Dell poweredge R760xs
Dell poweredge R760xa
Dell poweredge R960 Firmware
Dell poweredge C6620 Firmware
Dell poweredge Hs5610 Firmware
Dell poweredge R660 Firmware
Dell poweredge T560 Firmware
Dell poweredge R660
Dell poweredge R760 Firmware
Dell poweredge R660xs
Dell
Dell poweredge R760xd2
Dell poweredge Hs5620 Firmware
Dell poweredge R660xs Firmware
Dell poweredge Hs5610
Dell poweredge R760
Dell poweredge R860 Firmware
CWE CWE-667
References () https://www.dell.com/support/kbdoc/en-us/000220047/dsa-2023-429-security-update-for-dell-16g-poweredge-server-bios-for-a-debug-code-security-vulnerability - () https://www.dell.com/support/kbdoc/en-us/000220047/dsa-2023-429-security-update-for-dell-16g-poweredge-server-bios-for-a-debug-code-security-vulnerability - Vendor Advisory
CPE cpe:2.3:o:dell:poweredge_r660xs_firmware:1.4.4:*:*:*:*:*:*:*
cpe:2.3:o:dell:poweredge_mx760c_firmware:1.4.4:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_hs5620:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_r660:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:poweredge_r660_firmware:1.4.4:*:*:*:*:*:*:*
cpe:2.3:o:dell:poweredge_t560_firmware:1.4.4:*:*:*:*:*:*:*
cpe:2.3:o:dell:poweredge_r760xs_firmware:1.4.4:*:*:*:*:*:*:*
cpe:2.3:o:dell:poweredge_r760xd2_firmware:1.4.4:*:*:*:*:*:*:*
cpe:2.3:o:dell:poweredge_r760_firmware:1.4.4:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_r860:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_r960:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:poweredge_c6620_firmware:1.4.4:*:*:*:*:*:*:*
cpe:2.3:o:dell:poweredge_r960_firmware:1.4.4:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_t560:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:poweredge_hs5610_firmware:1.4.4:*:*:*:*:*:*:*
cpe:2.3:o:dell:poweredge_hs5620_firmware:1.4.4:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_hs5610:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_c6620:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_r760xs:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_r760xa:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:poweredge_r860_firmware:1.4.4:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_r660xs:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:poweredge_r760xa_firmware:1.4.4:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_r760:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_mx760c:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_r760xd2:-:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.8

05 Dec 2023, 16:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-12-05 16:15

Updated : 2024-11-21 08:25


NVD link : CVE-2023-44297

Mitre link : CVE-2023-44297

CVE.ORG link : CVE-2023-44297


JSON object : View

Products Affected

dell

  • poweredge_r660
  • poweredge_c6620
  • poweredge_r760xd2_firmware
  • poweredge_r860
  • poweredge_mx760c
  • poweredge_t560_firmware
  • poweredge_r660xs_firmware
  • poweredge_r660_firmware
  • poweredge_r760xs
  • poweredge_r760xa_firmware
  • poweredge_r760xs_firmware
  • poweredge_hs5610
  • poweredge_hs5610_firmware
  • poweredge_r860_firmware
  • poweredge_r960
  • poweredge_hs5620
  • poweredge_r760_firmware
  • poweredge_mx760c_firmware
  • poweredge_c6620_firmware
  • poweredge_t560
  • poweredge_r960_firmware
  • poweredge_hs5620_firmware
  • poweredge_r760
  • poweredge_r760xa
  • poweredge_r660xs
  • poweredge_r760xd2
CWE
CWE-1234

Hardware Internal or Debug Modes Allow Override of Locks

CWE-667

Improper Locking