CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-23691

Dell EMC PV ME5, versions ME5.1.0.0.0 and ME5.1.0.1.0, contains a Client-side desync Vulnerability. An unauthenticated attacker could potentially exploit this vulnerability to force a victim's browser to desynchronize its connection with the website, typically leading to XSS and DoS.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 59.0%

CVSS Severity

CVSS v3 Score 8.1

References

Products affected by CVE-2023-23691

Dell » Powervault Me5012 » Version: N/A

cpe:2.3:h:dell:powervault_me5012:-
Dell » Powervault Me5024 » Version: N/A

cpe:2.3:h:dell:powervault_me5024:-
Dell » Powervault Me5084 » Version: N/A

cpe:2.3:h:dell:powervault_me5084:-
Dell » Powervault Me5012 Firmware » Version: Any

cpe:2.3:o:dell:powervault_me5012_firmware:*
Dell » Powervault Me5024 Firmware » Version: Any

cpe:2.3:o:dell:powervault_me5024_firmware:*
Dell » Powervault Me5084 Firmware » Version: Any

cpe:2.3:o:dell:powervault_me5084_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-23691

Products

Pricing

Contact Us