CVE-2023-44305

Dell DM5500 5.14.0.0, contains a Stack-based Buffer Overflow Vulnerability in the appliance. An unauthenticated remote attacker may exploit this vulnerability to crash the affected process or execute arbitrary code on the system by sending specially crafted input data.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:dell:dm5500_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:dm5500:-:*:*:*:*:*:*:*

History

21 Nov 2024, 08:25

Type Values Removed Values Added
References () https://www.dell.com/support/kbdoc/en-us/000220107/dsa-2023-425-security-update-for-dell-powerprotect-data-manager-dm5500-appliance-for-multiple-vulnerabilities - Vendor Advisory () https://www.dell.com/support/kbdoc/en-us/000220107/dsa-2023-425-security-update-for-dell-powerprotect-data-manager-dm5500-appliance-for-multiple-vulnerabilities - Vendor Advisory
CVSS v2 : unknown
v3 : 9.8
v2 : unknown
v3 : 8.1

18 Dec 2023, 06:15

Type Values Removed Values Added
Summary Dell DM5500 5.14.0.0, contains a Stack-based Buffer Overflow Vulnerability in PPOE. An unauthenticated remote attacker may exploit this vulnerability to crash the affected process or execute arbitrary code on the system by sending specially crafted input dat Dell DM5500 5.14.0.0, contains a Stack-based Buffer Overflow Vulnerability in the appliance. An unauthenticated remote attacker may exploit this vulnerability to crash the affected process or execute arbitrary code on the system by sending specially crafted input data.

07 Dec 2023, 19:38

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8
CWE CWE-787
CPE cpe:2.3:o:dell:dm5500_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:dm5500:-:*:*:*:*:*:*:*
First Time Dell dm5500 Firmware
Dell
Dell dm5500
References () https://www.dell.com/support/kbdoc/en-us/000220107/dsa-2023-425-security-update-for-dell-powerprotect-data-manager-dm5500-appliance-for-multiple-vulnerabilities - () https://www.dell.com/support/kbdoc/en-us/000220107/dsa-2023-425-security-update-for-dell-powerprotect-data-manager-dm5500-appliance-for-multiple-vulnerabilities - Vendor Advisory

04 Dec 2023, 09:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-12-04 09:15

Updated : 2024-11-21 08:25


NVD link : CVE-2023-44305

Mitre link : CVE-2023-44305

CVE.ORG link : CVE-2023-44305


JSON object : View

Products Affected

dell

  • dm5500_firmware
  • dm5500
CWE
CWE-121

Stack-based Buffer Overflow

CWE-787

Out-of-bounds Write