Main Vulnerability Database SB2023081614

SB2023081614 - Information disclosure in Dell Storage Integration Tools for VMware (DSITV)

Published: August 16, 2023

Security Bulletin ID SB2023081614

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Information disclosure (CVE-ID: CVE-2023-39250)

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application. A local user could potentially exploit this vulnerability to retrieve an encryption key that could aid in further attacks.

Remediation

Install update from vendor's website.

References

https://www.dell.com/support/kbdoc/nl-nl/000216615/dsa-2023-282-security-update-for-dell-storage-integration-tools-for-vmware-dsitv-vulnerabilities