Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Dell UEFI BIOS https stack leveraged by the Dell BIOSConnect feature and Dell HTTPS Boot feature contains an improper certificate validation vulnerability. A remote unauthenticated attacker may exploit this vulnerability using a person-in-the-middle attack which may lead to a denial of service and payload tampering.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H
Vulnerability Type
证书验证不恰当
Vulnerability Title
Dell BIOSConnect信任管理问题漏洞
Vulnerability Description
DELL Dell BIOSConnect是美国戴尔(DELL)公司的一个基础平台,使 BIOS 可连接到 Dell 的 HTTP 后端,并通过 HTTP 方法加载映像。 Dell BIOSConnect feature and Dell HTTPS Boot feature 存在信任管理问题漏洞,该漏洞源于Dell UEFI BIOS https栈存在不正确的证书验证漏洞。未经身份验证的远程攻击者可利用该漏洞可以使用中间人攻击来利用这个漏洞,这种攻击可能导致拒绝服务和负载篡改。
CVSS Information
N/A
Vulnerability Type
N/A