Improper Authentication Vulnerability in Dell DM5500
CVE-2023-44302

9.8CRITICAL

Key Information:

Vendor: Dell
Status: Dell PowerProtect Data Manager DM5500 Appliance
Vendor: CVE Published:; 4 December 2023

What is CVE-2023-44302?

The Dell DM5500 appliance, specifically versions 5.14.0.0 and prior, exhibits improper authentication vulnerabilities. This flaw allows an unauthenticated remote attacker to exploit the system, potentially leading to unauthorized access to resources. In severe instances, this may enable the execution of arbitrary code, thereby compromising overall system integrity and security.

Affected Version(s)

Dell PowerProtect Data Manager DM5500 Appliance DM5500 5.14 and below

References

https://www.dell.com/support/kbdoc/en-us/000220107/dsa-20...

vendor-advisory

EPSS Score

5% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 4, 2023
Vulnerability Reserved
Sep 28, 2023