vulnerability

Dell PowerStoreOS: CVE-2024-1300: DSA-2024-462: Dell PowerStore T Security Update for Multiple Vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:S/C:P/I:N/A:P)	Nov 19, 2024	Oct 23, 2025	Oct 23, 2025

Severity

CVSS

(AV:N/AC:L/Au:S/C:P/I:N/A:P)

Published

Nov 19, 2024

Added

Oct 23, 2025

Modified

Oct 23, 2025

Description

A vulnerability in the Eclipse Vert.x toolkit causes a memory leak in TCP servers configured with TLS and SNI support. When processing an unknown SNI server name assigned the default certificate instead of a mapped certificate, the SSL context is erroneously cached in the server name map, leading to memory exhaustion. This flaw allows attackers to send TLS client hello messages with fake server names, triggering a JVM out-of-memory error.

Solution

dell-powerstoreos-upgrade-latest

References

CVE-2024-1300
https://attackerkb.com/topics/CVE-2024-1300
URL-https://www.dell.com/support/kbdoc/en-us/000250483/dsa-2024-462-dell-powerstore-t-security-update-for-multiple-vulnerabilities
CWE-401

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today