CVE-2023-43082
First published: Wed Nov 22 2023(Updated: )
Dell Unity prior to 5.3 contains a 'man in the middle' vulnerability in the vmadapter component. If a customer has a certificate signed by a third-party public Certificate Authority, the vCenter CA could be spoofed by an attacker who can obtain a CA-signed certificate.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dell Unity Operating Environment | <5.3.0.0.5.120 | |
| Dell Unity Xt Operating Environment | <5.3.0.0.5.120 | |
| Dell Unityvsa Operating Environment | <5.3.0.0.5.120 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this Dell Unity vulnerability?
The vulnerability ID for this Dell Unity vulnerability is CVE-2023-43082.
What is the severity of CVE-2023-43082?
The severity of CVE-2023-43082 is high (8.6).
What is the affected software for CVE-2023-43082?
The affected software for CVE-2023-43082 is Dell Unity Operating Environment, Dell Unity Xt Operating Environment, and Dell Unityvsa Operating Environment.
What is the description of CVE-2023-43082?
CVE-2023-43082 is a 'man in the middle' vulnerability in the vmadapter component of Dell Unity prior to 5.3.
How can I fix CVE-2023-43082?
To fix CVE-2023-43082, users should apply the security update provided by Dell. More information can be found in the reference link.
- collector/mitre-cve
- collector/nvd-api
- vendor/dell
- canonical/dell unity operating environment
- canonical/dell unity xt operating environment
- canonical/dell unityvsa operating environment