CVE-2024-38296 | THREATINT

Description

Dell Edge Gateway 3200, versions prior to 15.40.30.2879, and Edge Gateway 5200, versions prior to 12.0.94.2380, contain an Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to information exposure.

PUBLISHED Reserved 2024-06-13 | Published 2024-11-22 | Updated 2024-12-09 | Assigner dell

MEDIUM: 6.7CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Problem types

CWE-1421: Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution

Product status

Default status

unaffected

Any version before 12.0.94.2380

affected

Credits

Dell would like to thank the Eclypsium Research Team for reporting this issue finder

References

www.dell.com/...l-networking-edge-gateway-5200-vulnerability vendor-advisory

cve.org (CVE-2024-38296)

nvd.nist.gov (CVE-2024-38296)

Download JSON