CNNVD-202506-1791 Information
CNNVD ID
CNNVD-202506-1791
Related CVE
- CNNVD Published: 2025-06-13
Description (Chinese)
Dell ControlVault3和Dell ControlVault3 Plus都是美国戴尔(Dell)公司的一款基于硬件的安全解决方案。 Dell ControlVault3 5.15.10.14之前版本和Dell ControlVault3 Plus 6.2.26.36之前版本存在缓冲区错误漏洞,该漏洞源于cv_send_blockdata功能存在越界读取,可能导致信息泄露。
Description (English)
Dell ControlVault3 and Dell ControlVault3 Plus are both hardware-based security solutions for Dell in the United States. Pre-Dell ControlVault 3 5.15.10.14 and pre-Dell ControlVault 3 Plus 6.2.26.36 contain an error loophole in the buffer zone, which stems from the existence of cross-border access to the cv send blockdata function, which may lead to the disclosure of information.
Hazard Level
Medium
Vulnerability Type
缓冲区错误
Affected Vendor
戴尔
Published
2025-06-13
Last Modified
2026-02-24
References
https://www.dell.com/support/kbdoc/en-us/000276106/dsa-2025-053 https://access.redhat.com/security/cve/cve-2025-24311
Patch
https://www.dell.com/support/kbdoc/en-us/000276106/dsa-2025-053
Share on: