CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-34424
https://notcve.org/view.php?id=CVE-2022-34424
28 Sep 2022 — Networking OS10, versions 10.5.1.x, 10.5.2.x, and 10.5.3.x contain a vulnerability that could allow an attacker to cause a system crash by running particular security scans. Networking OS10, versiones 10.5.1.x, 10.5.2.x y 10.5.3.x contienen una vulnerabilidad que podría permitir a un atacante causar un fallo del sistema al ejecutar determinados escaneos de seguridad • https://www.dell.com/support/kbdoc/en-us/000202971/dsa-2022-135-dell-emc-smartfabric-os10-security-update-for-multiple-security-vulnerabilities • CWE-787: Out-of-bounds Write •
CVSS: 3.7EPSS: 0%CPEs: 1EXPL: 0CVE-2022-34394
https://notcve.org/view.php?id=CVE-2022-34394
28 Sep 2022 — Dell OS10, version 10.5.3.4, contains an Improper Certificate Validation vulnerability in Support Assist. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to unauthorized access to limited switch configuration data. The vulnerability could be leveraged by attackers to conduct man-in-the-middle attacks to gain access to the Support Assist information. Dell OS10, versión 10.5.3.4, contiene una vulnerabilidad de comprobación inapropiada de certificados en Support Assist. ... • https://www.dell.com/support/kbdoc/en-us/000202974/dsa-2022-293-dell-networking-os10-security-update-for-a-support-assist-vulnerability • CWE-295: Improper Certificate Validation •
CVSS: 6.4EPSS: 0%CPEs: 3EXPL: 0CVE-2022-29089
https://notcve.org/view.php?id=CVE-2022-29089
28 Sep 2022 — Dell Networking OS10, versions prior to October 2021 with Smart Fabric Services enabled, contains an information disclosure vulnerability. A remote, unauthenticated attacker could potentially exploit this vulnerability by reverse engineering to retrieve sensitive information and access the REST API with admin privileges. Dell Networking OS10, versiones anteriores a octubre 2021 con Smart Fabric Services habilitado, contiene una vulnerabilidad de divulgación de información. Un atacante remoto no autenticado ... • https://www.dell.com/support/kbdoc/en-us/000202971/dsa-2022-135-dell-emc-smartfabric-os10-security-update-for-multiple-security-vulnerabilities • CWE-522: Insufficiently Protected Credentials •