Article Number: 000203278
Critical
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
---|---|---|---|
CVE-2022-34381 | Dell BSAFE SSL-J version 7.0 and all versions prior to 6.5, and Dell BSAFE Crypto-J versions prior to 6.2.6.1 contain an unmaintained third-party component vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to the compromise of the impacted system. This is a Critical vulnerability and Dell recommends customers to upgrade at the earliest opportunity. | 9.1 | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
---|---|---|---|
CVE-2022-34381 | Dell BSAFE SSL-J version 7.0 and all versions prior to 6.5, and Dell BSAFE Crypto-J versions prior to 6.2.6.1 contain an unmaintained third-party component vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to the compromise of the impacted system. This is a Critical vulnerability and Dell recommends customers to upgrade at the earliest opportunity. | 9.1 | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
CVE(s) addressed | Product | Affected Versions | Remediated Versions | Link |
---|---|---|---|---|
CVE-2022-34381 | Dell BSAFE SSL-J | Versions prior to 6.5, and version 7.0 | Version 6.5 and 7.1 | How To Request a Dell BSAFE product download |
CVE-2022-34381 | Dell BSAFE Crypto-J |
Versions prior to 6.2.6.1 |
Version 6.2.6.1 and 7.0 |
How To Request a Dell BSAFE product download |
CVE(s) addressed | Product | Affected Versions | Remediated Versions | Link |
---|---|---|---|---|
CVE-2022-34381 | Dell BSAFE SSL-J | Versions prior to 6.5, and version 7.0 | Version 6.5 and 7.1 | How To Request a Dell BSAFE product download |
CVE-2022-34381 | Dell BSAFE Crypto-J |
Versions prior to 6.2.6.1 |
Version 6.2.6.1 and 7.0 |
How To Request a Dell BSAFE product download |
Workarounds or mitigation may exist based on individual use case and usage of the product. Only customers with active BSAFE maintenance contracts can receive details about the vulnerabilities, including possible workaround or mitigations.
Revision | Date | Description |
---|---|---|
1.0 | 2022-09-12 | Initial Release. |
2.0 | 2023-08-08 | Major Revision: disclosing CVE iD, CVSS score, details. |
3.0 | 2023-08-08 | Minor formatting changes without content change. |
BSAFE Crypto-J, BSAFE SSL-J
08 Aug 2023
Dell Security Advisory