What is CVE-2023-32465?

CVE-2023-32465 is a high-severity vulnerability in Dell Powerprotect Cyber Recovery, classified under Improper Neutralization of HTTP Headers for Scripting Syntax. CVSS score: 8.8/10. Published 2023-06-14.

How severe is CVE-2023-32465?

High severity. CVSS v3 base score is 8.8 out of 10.

Vulnerability in Dell Powerprotect Cyber Recovery

CVE-2023-32465

Dell Power Protect Cyber Recovery, contains an Authentication Bypass vulnerability. An attacker could potentially exploit this vulnerability, leading to unauthorized admin access to the Cyber Recovery application. Exploitation may lead to…

EPSS: 0.001 (34.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Dell Powerprotect Cyber Recovery — versions 19.4 through 19.13.0.2

Weakness classification (CWE)

CWE-644 — Improper Neutralization of HTTP Headers for Scripting Syntax

References

www.dell.com/support/kbdoc/en-us/000214943/dsa-2023-201-security-update-for-del… (vendor-advisory)

Frequently asked questions

What is CVE-2023-32465?: CVE-2023-32465 is a high-severity vulnerability in Dell Powerprotect Cyber Recovery, classified under Improper Neutralization of HTTP Headers for Scripting Syntax. CVSS score: 8.8/10. Published 2023-06-14.
How severe is CVE-2023-32465?: High severity. CVSS v3 base score is 8.8 out of 10.