CVE-2022-24409

MEDIUM

Dell BSAFE SSL-J 6.1.0-6.3.x - Covert Timing Channel

Title source: llm

Description

Dell BSAFE SSL-J contains remediation for a covert timing channel vulnerability that may be exploited by malicious users to compromise the affected system. Only customers with active BSAFE maintenance contracts can receive details about this vulnerability. Public disclosure of the vulnerability details will be shared at a later date.

References (1)

Core 1

Core References

Vendor Advisory x_refsource_misc

https://www.dell.com/support/kbdoc/en-us/000196312/dsa-2022-023-dell-bsafetm-ssl-j-6-4-security-update-for-a-single-covert-timing-channel

Scores

CVSS v3 5.9

EPSS 0.0075

EPSS Percentile 73.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-385

Status published

Products (1)

dell/bsafe_ssl-j 6.1.0 - 6.4

Published Feb 23, 2022

Tracked Since Feb 18, 2026