Article Number: 000226567
DSA-2024-211: Security Update for a Dell InsightIQ Broken or Risky Cryptographic Algorithm Vulnerability
Summary: Dell InsightIQ remediation is available for a broken or risky cryptographic algorithm vulnerability that could be exploited by malicious users to compromise the affected system.
Article Content
Impact
Medium
Details
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
|---|---|---|---|
| CVE-2024-28972 | Dell InsightIQ, Verion 5.0.0, contains a use of a broken or risky cryptographic algorithm vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to information disclosure. | 5.9 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
|---|---|---|---|
| CVE-2024-28972 | Dell InsightIQ, Verion 5.0.0, contains a use of a broken or risky cryptographic algorithm vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to information disclosure. | 5.9 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
Affected Products and Remediation
| Product | Affected Versions | Remediated Versions | Link |
|---|---|---|---|
| InsightIQ | Versions prior to 5.0.1 | Version 5.1.0 | PowerScale InsightIQ Download Area |
| Product | Affected Versions | Remediated Versions | Link |
|---|---|---|---|
| InsightIQ | Versions prior to 5.0.1 | Version 5.1.0 | PowerScale InsightIQ Download Area |
Revision History
| Revision | Date | Description |
|---|---|---|
| 1.0 | 2024-07-01 | Initial Release |
| 2.0 | 2024-07-18 | Updated Affected Products and Remediation versions |
Related Information
Legal Information
Article Properties
Affected Product
PowerScale InsightIQ
Last Published Date
18 Jul 2024
Article Type
Dell Security Advisory