CVE-2024-29171

Medium

Published: 12 February 2025

Published

12 February 2025

Modified

19 March 2025

KEV Added

—

Patch

—

CVSS Score 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS Score 0.0009 25.7th percentile

Risk Priority 12 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-29171 is a medium-severity Improper Certificate Validation (CWE-295) vulnerability in Dell Bsafe Ssl-J. Its CVSS base score is 5.9 (Medium).

Operationally, ranked at the 25.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SC-17 (Public Key Infrastructure Certificates) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SC-17 Public Key Infrastructure Certificates good match

prevent

SC-17 mandates verification of PKI certificate validity criteria and processes, directly preventing exploitation of improper certificate verification in SSL/TLS operations.

SI-2 Flaw Remediation good match

prevent

SI-2 requires timely identification, reporting, and correction of flaws like CVE-2024-29171 in BSAFE SSL-J, eliminating the vulnerability through patching.

SC-13 Cryptographic Protection partial match

prevent

SC-13 enforces use of compliant cryptographic modules for protections like SSL/TLS, mitigating risks from flawed implementations in libraries such as BSAFE SSL-J.

NVD Description

Dell BSAFE SSL-J, versions prior to 6.6 and versions 7.0 through 7.2, contains an Improper certificate verification vulnerability. A remote attacker could potentially exploit this vulnerability, leading to information disclosure.

Deeper analysisAI

CVE-2024-29171 is an improper certificate verification vulnerability (CWE-295) in Dell BSAFE SSL-J, affecting versions prior to 6.6 and versions 7.0 through 7.2. This flaw enables a remote attacker to potentially bypass proper validation of certificates during SSL/TLS operations, with a CVSS v3.1 base score of 5.9 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N), rated as Medium severity due to high confidentiality impact.

A remote, unauthenticated attacker with network access can exploit this vulnerability, though it requires high attack complexity. No user interaction or privileges are needed, and exploitation leads to information disclosure without affecting integrity or availability.

Dell's DSA-2024-221 advisory provides a security update addressing multiple vulnerabilities in BSAFE SSL-J, including CVE-2024-29171. Further details on patches and mitigation are available in the Dell support knowledge base article at https://www.dell.com/support/kbdoc/en-us/000226620/dsa-2024-221-security-update-for-dell-bsafe-ssl-j-multiple-vulnerabilities.

Details

CWE(s): CWE-295

Affected Products

dell

bsafe ssl-j

≤ 6.6 · 7.0 — 7.2.1

CVEs Like This One

CVE-2024-29172Same product: Dell Bsafe Ssl-J

CVE-2026-23776Same vendor: Dell

CVE-2026-25907Same vendor: Dell

CVE-2025-24386Same vendor: Dell

CVE-2026-32655Same vendor: Dell

CVE-2026-27102Same vendor: Dell

CVE-2025-36604Same vendor: Dell

CVE-2026-26944Same vendor: Dell

CVE-2025-21105Same vendor: Dell

CVE-2025-45379Same vendor: Dell

References

https://www.dell.com/support/kbdoc/en-us/000226620/dsa-2024-221-security-update-for-dell-bsafe-ssl-j-multiple-vulnerabilities
Vendor Advisory · security_alert@emc.com