CVE-2023-32448 MEDIUM

CVE-2023-32448

Vendor Dell
Product PowerPath Windows
Weakness CWE-312 · Cleartext storage
Published May 30, 2023
Last update January 10, 2025

CVSS base score

5.5/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

PowerPath for Windows, versions 7.0, 7.1 & 7.2 contains License Key Stored in Cleartext vulnerability. A local user with access to the installation directory can retrieve the license key of the product and use it to install and license PowerPath on different systems.

Key dates

02Disclosure timeline

May 30, 2023 CVE published
January 10, 2025 Record updated