CVE-2022-34364

CVSS 4.4 MEDIUMEPSS 0.2%CWE-1295

In short

Dell BSAFE SSL-J contains debug messages that expose sensitive information to users with local access. This could allow someone with local privileges to discover details they shouldn't have access to.

Technical detail

Dell BSAFE SSL-J versions before 6.5 and version 7.0 emit debug messages containing unnecessary sensitive information accessible to locally privileged users (CWE-1295). The vulnerability requires local system access and may lead to information disclosure affecting confidentiality.

Summary generated and translated by AI from the official description.

Dell BSAFE SSL-J, versions before 6.5 and version 7.0 contain a debug message revealing unnecessary information vulnerability. This may lead to disclosing sensitive information to a locally privileged user. .

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Affected products

Dell · BSAFE SSL-J

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.dell.com/support/kbdoc/en-us/000203275/dsa-2022-188-dell-bsafe-ssl-j-6-5-and-7-1-security-vulnerability