Rewterz Threat Advisory – Multiple Cisco Unified Intelligence Center Vulnerabilities
March 2, 2023Rewterz Threat Alert – APT-C-35 aka Donot APT Group – Active IOCs
March 2, 2023Rewterz Threat Advisory – Multiple Cisco Unified Intelligence Center Vulnerabilities
March 2, 2023Rewterz Threat Alert – APT-C-35 aka Donot APT Group – Active IOCs
March 2, 2023Severity
Medium
Analysis Summary
CVE-2023-23689 CVSS:5.3
Dell PowerScale nodes is vulnerable to a denial of service, caused by an uncontrolled resource consumption vulnerability. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2023-25540 CVSS:6
Dell PowerScale OneFS is vulnerable to a denial of service, caused by an incorrect default permissions vulnerability. A local authenticated attacker could exploit this vulnerability to overwrite arbitrary files, resulting in a denial of service.
Impact
- Denial of Service
Indicators Of Compromise
CVE
- CVE-2023-23689
- CVE-2023-25540
Affected Vendors
Dell
Affected Products
- Dell PowerScale node A200 9.5.0
- Dell PowerScale node A2000 9.4.0
- Dell PowerScale node F800 9.0.0
- Dell PowerScale node F810 9.0.0
- Dell PowerScale OneFS 9.4.0.0
- Dell PowerScale OneFS 9.4.0.11
Remediation
Refer to Dell DSA Identifier for patch, upgrade or suggested workaround information.