Login Sign Up

CVE-2022-34381

9.1 CRITICAL

📋 TL;DR

CVE-2022-34381 is a critical vulnerability in Dell BSAFE SSL-J and Crypto-J libraries due to an unmaintained third-party component. Unauthenticated remote attackers could potentially exploit this to compromise affected systems. Organizations using vulnerable versions of these cryptographic libraries are at risk.

💻 Affected Systems

Products:
  • Dell BSAFE SSL-J
  • Dell BSAFE Crypto-J
Versions: SSL-J: All versions prior to 6.5 and version 7.0; Crypto-J: All versions prior to 6.2.6.1
Operating Systems: Any OS using affected libraries
Default Config Vulnerable: ⚠️ Yes
Notes: Affects any application or system using these cryptographic libraries regardless of configuration.

📦 What is this software?

Bsafe Crypto J by Dell

View all CVEs affecting Bsafe Crypto J →

Bsafe Ssl J by Dell

View all CVEs affecting Bsafe Ssl J →

Bsafe Ssl J by Dell

View all CVEs affecting Bsafe Ssl J →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise allowing remote code execution, data theft, and persistent access to affected systems.

🟠

Likely Case

Remote code execution leading to unauthorized access, data exfiltration, and potential lateral movement within the network.

🟢

If Mitigated

Limited impact with proper network segmentation and access controls, but still significant risk due to unauthenticated nature.

🌐 Internet-Facing: HIGH - Unauthenticated remote exploitation makes internet-facing systems particularly vulnerable to attack.
🏢 Internal Only: HIGH - Even internal systems are at significant risk due to the unauthenticated nature and critical severity.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Dell rates this as Critical with CVSS 9.1, indicating high exploitability and impact potential.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: SSL-J: Upgrade to 6.5 or 7.1; Crypto-J: Upgrade to 6.2.6.1 or 7.0

Vendor Advisory: https://www.dell.com/support/kbdoc/en-us/000203278/dsa-2022-208-dell-bsafe-ssl-j-6-5-and-7-1-and-dell-bsafe-crypto-j-6-2-6-1-and-7-0-security-vulnerability

Restart Required: Yes

Instructions:

1. Identify all systems using affected BSAFE libraries. 2. Download and install patched versions from Dell support. 3. Restart affected applications/services. 4. Verify successful update.

🔧 Temporary Workarounds

Network Segmentation

all

Isolate systems using vulnerable libraries from untrusted networks

Application Whitelisting

all

Implement application control to prevent unauthorized code execution

🧯 If You Can't Patch

  • Implement strict network access controls to limit exposure
  • Monitor affected systems for suspicious activity and implement enhanced logging

🔍 How to Verify

Check if Vulnerable:

Check application dependencies and library versions for BSAFE SSL-J or Crypto-J usage

Check Version:

Check application documentation or use system package manager (e.g., 'rpm -qa | grep bsafe' on Linux)

Verify Fix Applied:

Verify installed BSAFE library versions match patched versions (SSL-J ≥6.5 or 7.1, Crypto-J ≥6.2.6.1 or 7.0)

📡 Detection & Monitoring

Log Indicators:

  • Unexpected process execution
  • Network connections from cryptographic libraries
  • Application crashes

Network Indicators:

  • Unusual outbound connections from systems using BSAFE libraries
  • Traffic patterns indicating exploitation attempts

SIEM Query:

Search for process execution events involving BSAFE libraries or related cryptographic functions

📊 Metadata

CVE ID: CVE-2022-34381
CVSS v3 Score: 9.1 (CRITICAL)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
CWE: CWE-1329
Published: February 2, 2024
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-34381, you might also want to check these:

CVE-2026-21265 6.4

This CVE describes a Windows Secure Boot certificate expiration issue where Microsoft's UEFI certifi...

Same vulnerability type (CWE-1329)