Rewterz Threat Advisory – Multiple Dell Unisphere for PowerMax Vulnerabilities

January 23, 2023

Rewterz Threat Advisory – CVE-2023-21824 – Oracle Communications Applications Vulnerability

January 23, 2023

Rewterz Threat Advisory – CVE-2023-23691 – Dell EMC PV ME5 Vulnerability

January 23, 2023

Severity

High

Analysis Summary

CVE-2023-23691

Dell EMC PV ME5 could allow a remote attacker to gain elevated privileges on the system, caused by a Client-side desync vulnerability. An attacker could exploit this vulnerability to force a victim’s browser to desynchronize its connection with the website, typically leading to XSS and DoS.

Impact

Privilege Escalation

Indicators Of Compromise

CVE

CVE-2023-23691

Affected Vendors

Dell

Affected Products

Dell PowerVault ME5 1.1.0.0

Remediation

Refer to Dell DSA Identifier for patch, upgrade or suggested workaround information.

Dell DSA Identifier

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

GitHub Tools Deployed in CrazyHunter Ransomware Campaigns – Active IOCs

North Korean APT Kimsuky aka Black Banshee – Active IOCs

Sophisticated BPFDoor Malware Detected Targeting Linux Systems – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Advisory – Multiple Dell Unisphere for PowerMax Vulnerabilities

Rewterz Threat Advisory – CVE-2023-21824 – Oracle Communications Applications Vulnerability

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.