{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-38303", "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "state": "PUBLISHED", "assignerShortName": "dell", "dateReserved": "2024-06-13T14:41:01.527Z", "datePublished": "2024-08-29T04:34:53.178Z", "dateUpdated": "2024-08-29T13:49:36.661Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "PowerEdge Platform", "vendor": "Dell", "versions": [{"lessThan": "2.22.1", "status": "affected", "version": "N/A", "versionType": "semver"}, {"lessThan": "2.22.0", "status": "affected", "version": "N/A", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Dell would like to thank codebreaker1337 for reporting this issue."}], "datePublic": "2024-08-28T06:30:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Improper Input Validation vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure."}], "value": "Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Improper Input Validation vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20: Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "shortName": "dell", "dateUpdated": "2024-08-29T04:34:53.178Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://www.dell.com/support/kbdoc/en-us/000228135/dsa-2024-309-security-update-for-dell-poweredge-server-for-improper-input-validation-vulnerability"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-29T13:49:25.085284Z", "id": "CVE-2024-38303", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-29T13:49:36.661Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-38303", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-08-29T13:49:25.085284Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-29T13:49:31.236Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Dell would like to thank codebreaker1337 for reporting this issue."}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Dell", "product": "PowerEdge Platform", "versions": [{"status": "affected", "version": "N/A", "lessThan": "2.22.1", "versionType": "semver"}, {"status": "affected", "version": "N/A", "lessThan": "2.22.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "datePublic": "2024-08-28T06:30:00.000Z", "references": [{"url": "https://www.dell.com/support/kbdoc/en-us/000228135/dsa-2024-309-security-update-for-dell-poweredge-server-for-improper-input-validation-vulnerability", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Improper Input Validation vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.", "supportingMedia": [{"type": "text/html", "value": "Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Improper Input Validation vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20: Improper Input Validation"}]}], "providerMetadata": {"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "shortName": "dell", "dateUpdated": "2024-08-29T04:34:53.178Z"}}}, "cveMetadata": {"cveId": "CVE-2024-38303", "state": "PUBLISHED", "dateUpdated": "2024-08-29T13:49:36.661Z", "dateReserved": "2024-06-13T14:41:01.527Z", "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "datePublished": "2024-08-29T04:34:53.178Z", "assignerShortName": "dell"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:emc_xc_core_xcxr2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9422F204-CC53-42AD-AE7D-2ABA8B77D6EB", "versionEndExcluding": "2.22.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:emc_xc_core_xcxr2:-:*:*:*:*:*:*:*", "matchCriteriaId": "2FF8CC72-C32F-476D-86D3-CFF022185D76", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:emc_xc_core_xc940_system_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "58B9D50B-F714-4D09-8FFA-6F17D0E2CAB9", "versionEndExcluding": "2.22.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:emc_xc_core_xc940_system:-:*:*:*:*:*:*:*", "matchCriteriaId": "8FF8BE36-E551-48E1-B7EF-0BC9FE85645F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:emc_xc_core_xc740xd2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2760DD11-23AA-408B-886F-7F680DAB6883", "versionEndExcluding": "2.22.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:emc_xc_core_xc740xd2:-:*:*:*:*:*:*:*", "matchCriteriaId": "0127228B-FBC4-4C66-AFA1-749C151F79C5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:emc_xc_core_xc740xd_system_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "115C48E2-BEC8-4BBF-B8A7-C7F22C02718E", "versionEndExcluding": "2.22.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:emc_xc_core_xc740xd_system:-:*:*:*:*:*:*:*", "matchCriteriaId": "F3C19A67-F880-495B-BDB2-8371BD9CA9F7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:emc_xc_core_xc640_system_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A35F1DBD-96B3-415F-BDDB-23C2CB038870", "versionEndExcluding": "2.22.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:emc_xc_core_xc640_system:-:*:*:*:*:*:*:*", "matchCriteriaId": "A687A731-32FF-4FCF-BCAD-56B8AE59C3A7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:emc_xc_core_6420_system_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE8B52C5-C718-4A2B-99B3-A20D6D70DF83", "versionEndExcluding": "2.22.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:emc_xc_core_6420_system:-:*:*:*:*:*:*:*", "matchCriteriaId": "D991914F-E199-4E0F-8159-C1A9F254B201", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:emc_storage_nx3340_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A21E30F3-0922-4001-B34C-2D9DA30F6C94", "versionEndExcluding": "2.22.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:emc_storage_nx3340:-:*:*:*:*:*:*:*", "matchCriteriaId": "66F375D2-85E4-4994-AE90-99D25A50F9AD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:emc_storage_nx3240_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "DCF6F72F-BF85-45B8-95F7-9B35F5872446", "versionEndExcluding": "2.22.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:emc_storage_nx3240:-:*:*:*:*:*:*:*", "matchCriteriaId": "EFCDCB3C-4995-4211-8592-3D7F94098A26", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_xe7440_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E3917FB0-E024-40CC-8A50-111717078657", "versionEndExcluding": "2.22.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_xe7440:-:*:*:*:*:*:*:*", "matchCriteriaId": "EB265071-7294-4317-A854-0D90844CDC17", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_xe7420_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C67CF5FC-992D-4682-BC65-973535CF34D0", "versionEndExcluding": "2.22.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_xe7420:-:*:*:*:*:*:*:*", "matchCriteriaId": "DB402EFE-DEFF-40D1-B1C8-8A7D6923669E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_xe2420_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5A2870A9-6950-4699-80EA-D3869F9FC362", "versionEndExcluding": "2.22.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_xe2420:-:*:*:*:*:*:*:*", "matchCriteriaId": "30D12E41-8F03-435C-B137-CD3465923E5C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:dss_8440_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8DF94051-33DA-4328-9C08-DD8FD8750187", "versionEndExcluding": "2.22.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:dss_8440:-:*:*:*:*:*:*:*", "matchCriteriaId": "239C2103-C4BB-4C6A-8E09-C6F7D52024D3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_c4140_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A9269B40-9256-427A-802A-7018EFF7B118", "versionEndExcluding": "2.22.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_c4140:-:*:*:*:*:*:*:*", "matchCriteriaId": "F9ACC9B8-C046-4304-BA58-7D6D7945BE95", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_mx840c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "DEC44355-9774-4A3A-9925-A8FB0939CB75", "versionEndExcluding": "2.22.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_mx840c:-:*:*:*:*:*:*:*", "matchCriteriaId": "E4305D0F-CB59-49D5-8D21-8ECC3342C36C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_mx740c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2D110671-78CB-4FBE-94D6-C682F79F3A48", "versionEndExcluding": "2.22.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_mx740c:-:*:*:*:*:*:*:*", "matchCriteriaId": "757039D5-60B9-40B0-B719-38E27409BDDE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_m640_\\(for_pe_vrtx\\)_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E4357270-0F3F-4F55-B4B3-8B7343536C9D", "versionEndExcluding": "2.22.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_m640_\\(for_pe_vrtx\\):-:*:*:*:*:*:*:*", "matchCriteriaId": "7CC31749-2B2C-42C4-AF50-A6E2354A99C8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_m640_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D9F22775-1E65-412D-A8DF-57B0E79A0BC7", "versionEndExcluding": "2.22.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_m640:-:*:*:*:*:*:*:*", "matchCriteriaId": "5F8B50A1-577F-451E-8D03-C8A6A78000DC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_fc640_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D880CB92-4452-421A-9EB8-77104D835D9F", "versionEndExcluding": "2.22.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_fc640:-:*:*:*:*:*:*:*", "matchCriteriaId": "E9C59D4B-1122-4782-A686-559E7DF8C3C9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_c6420_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "ACCFE436-0DF3-4373-B630-39FF5F60E87F", "versionEndExcluding": "2.22.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_c6420:-:*:*:*:*:*:*:*", "matchCriteriaId": "027D86DE-076F-4CE9-9DE9-E6976C655E8F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_t640_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9D171813-C2A2-47EF-B97D-922AF36A9389", "versionEndExcluding": "2.22.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_t640:-:*:*:*:*:*:*:*", "matchCriteriaId": "1DEC0235-DDA1-4EE4-B3F8-512F1B29AFC6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_r940xa_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "EB9DA2A4-227B-4280-A63C-CEE27814A7CE", "versionEndExcluding": "2.22.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_r940xa:-:*:*:*:*:*:*:*", "matchCriteriaId": "3D143853-3D62-4AD7-B899-F726036A34D2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_r840_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "99AC63E2-0A92-4ED8-BD31-06A9793FDAC3", "versionEndExcluding": "2.22.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_r840:-:*:*:*:*:*:*:*", "matchCriteriaId": "E058B9C6-CD1C-42F5-8781-05450254E9E5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_r740xd2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C00D4860-3230-459A-A80B-56DBE8DED96B", "versionEndExcluding": "2.22.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_r740xd2:-:*:*:*:*:*:*:*", "matchCriteriaId": "A5395D3F-58D4-49F9-AA2F-0D5C6D8C4651", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_xr2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3E5D3362-19FC-44C2-A939-576ECC795152", "versionEndExcluding": "2.22.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_xr2:-:*:*:*:*:*:*:*", "matchCriteriaId": "88EC4390-C39F-4E56-9631-B8A22986690D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_t440_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "EA362A72-0CEB-4357-8475-F6CC922F3F49", "versionEndExcluding": "2.22.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_t440:-:*:*:*:*:*:*:*", "matchCriteriaId": "28F97F1A-B41E-4CC5-B668-8C194CE2C29E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_r440_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8CDDB18A-5A3C-4DA6-91B1-4AF578D87AA8", "versionEndExcluding": "2.22.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_r440:-:*:*:*:*:*:*:*", "matchCriteriaId": "EBC3957E-791A-4052-A9C4-F3ECBD746E37", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_r540_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "80942AC6-AF8E-4313-9A6E-D73A8BF41A64", "versionEndExcluding": "2.22.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_r540:-:*:*:*:*:*:*:*", "matchCriteriaId": "73B27F54-3CE3-4A5F-BBA1-2C6ED5316B47", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_r940_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C019A625-3642-41C7-9DF4-72B124036AAB", "versionEndExcluding": "2.22.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_r940:-:*:*:*:*:*:*:*", "matchCriteriaId": "B581E1DE-4E94-49E5-B5CF-2A94B2570708", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_r640_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A2F4E39A-0FD8-4C21-9FDD-9F2F778FE9FA", "versionEndExcluding": "2.22.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_r640:-:*:*:*:*:*:*:*", "matchCriteriaId": "81416C16-D7FA-4165-BB0E-6458A4EA5AEE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_r740xd_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "DF2A848F-5F25-4FF5-8DD6-65D3DC0F5959", "versionEndExcluding": "2.22.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_r740xd:-:*:*:*:*:*:*:*", "matchCriteriaId": "868ECD3F-77CD-4F5D-86E5-61689E4C5BA0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:poweredge_r740_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FF25A82C-5B44-41D5-88B6-82C5B6D22CF2", "versionEndExcluding": "2.22.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:poweredge_r740:-:*:*:*:*:*:*:*", "matchCriteriaId": "DE562535-3D9B-4A82-AC0D-6A2225E63E8D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Improper Input Validation vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure."}, {"lang": "es", "value": "Dell PowerEdge Platform, versi\u00f3n 14G Intel BIOS anterior a 2.22.x, contiene una vulnerabilidad de validaci\u00f3n de entrada incorrecta. Un atacante con privilegios elevados y acceso local podr\u00eda aprovechar esta vulnerabilidad, lo que provocar\u00eda la divulgaci\u00f3n de informaci\u00f3n."}], "id": "CVE-2024-38303", "lastModified": "2024-12-20T14:40:09.410", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 4.0, "source": "security_alert@emc.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.5, "impactScore": 4.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-08-29T11:15:25.970", "references": [{"source": "security_alert@emc.com", "tags": ["Vendor Advisory"], "url": "https://www.dell.com/support/kbdoc/en-us/000228135/dsa-2024-309-security-update-for-dell-poweredge-server-for-improper-input-validation-vulnerability"}], "sourceIdentifier": "security_alert@emc.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "security_alert@emc.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}