CVE-2023-32464

LOW Year: 2023
CVSS v3 Score
3.3
Low
Weakness Type
CWE-295
View all →

Vulnerability Description

Dell VxRail, versions prior to 7.0.450, contain an improper certificate validation vulnerability. A high privileged remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and intercepting the victim's traffic to view or modify a victim’s data in transit.

Related Vulnerabilities

CVE-2019-1552

LOW
CVSS:3.3(Low)

OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDI...

CWE-2952019

CVE-2019-8642

LOW
CVSS:3.3(Low)

An issue existed in the handling of S-MIME certificates. This issue was addressed with improved validation of S-MIME certificates. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002...

CWE-2952019

CVE-2022-23649

LOW
CVSS:3.3(Low)

Cosign provides container signing, verification, and storage in an OCI registry for the sigstore project. Prior to version 1.5.2, Cosign can be manipulated to claim that an entry for a signature exist...

CWE-2952022

CVE-2009-3552

LOW
CVSS:3.1(Low)

In RHEV-M VDC 2.2.0, it was found that the SSL certificate was not verified when using the client-side Red Hat Enterprise Virtualization Manager interface (a Windows Presentation Foundation (WPF) XAML...

CWE-2952009

CVE-2020-4340

LOW
CVSS:3.1(Low)

IBM Security Secret Server prior to 10.9 could allow an attacker to bypass SSL security due to improper certificate validation. IBM X-Force ID: 178180.

CWE-2952020

CVE-2023-34414

LOW
CVSS:3.1(Low)

The error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses to protect prompts and permission dialogs from attacks that exploit human response time delays. If ...

CWE-2952023