CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2023-32462
https://notcve.org/view.php?id=CVE-2023-32462
15 Feb 2024 — Dell OS10 Networking Switches running 10.5.2.x and above contain an OS command injection vulnerability when using remote user authentication. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands and possible system takeover. This is a critical vulnerability as it allows an attacker to cause severe damage. Dell recommends customers to upgrade at the earliest opportunity. Los conmutadores de red Dell OS10 que ejecutan 10.5.2.x y vers... • https://www.dell.com/support/kbdoc/en-us/000216584/dsa-2023-124-security-update-for-dell-smartfabric-os10-multiple-vulnerabilities • CWE-20: Improper Input Validation •
CVSS: 9.1EPSS: 0%CPEs: 5EXPL: 0CVE-2023-28078
https://notcve.org/view.php?id=CVE-2023-28078
15 Feb 2024 — Dell OS10 Networking Switches running 10.5.2.x and above contain a vulnerability with zeroMQ when VLT is configured. A remote unauthenticated attacker could potentially exploit this vulnerability leading to information disclosure and a possible Denial of Service when a huge number of requests are sent to the switch. This is a high severity vulnerability as it allows an attacker to view sensitive data. Dell recommends customers to upgrade at the earliest opportunity. Los conmutadores de red Dell OS10 que eje... • https://www.dell.com/support/kbdoc/en-us/000216584/dsa-2023-124-security-update-for-dell-smartfabric-os10-multiple-vulnerabilities • CWE-923: Improper Restriction of Communication Channel to Intended Endpoints •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-34424
https://notcve.org/view.php?id=CVE-2022-34424
28 Sep 2022 — Networking OS10, versions 10.5.1.x, 10.5.2.x, and 10.5.3.x contain a vulnerability that could allow an attacker to cause a system crash by running particular security scans. Networking OS10, versiones 10.5.1.x, 10.5.2.x y 10.5.3.x contienen una vulnerabilidad que podría permitir a un atacante causar un fallo del sistema al ejecutar determinados escaneos de seguridad • https://www.dell.com/support/kbdoc/en-us/000202971/dsa-2022-135-dell-emc-smartfabric-os10-security-update-for-multiple-security-vulnerabilities • CWE-787: Out-of-bounds Write •
CVSS: 3.7EPSS: 0%CPEs: 1EXPL: 0CVE-2022-34394
https://notcve.org/view.php?id=CVE-2022-34394
28 Sep 2022 — Dell OS10, version 10.5.3.4, contains an Improper Certificate Validation vulnerability in Support Assist. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to unauthorized access to limited switch configuration data. The vulnerability could be leveraged by attackers to conduct man-in-the-middle attacks to gain access to the Support Assist information. Dell OS10, versión 10.5.3.4, contiene una vulnerabilidad de comprobación inapropiada de certificados en Support Assist. ... • https://www.dell.com/support/kbdoc/en-us/000202974/dsa-2022-293-dell-networking-os10-security-update-for-a-support-assist-vulnerability • CWE-295: Improper Certificate Validation •
CVSS: 6.4EPSS: 0%CPEs: 3EXPL: 0CVE-2022-29089
https://notcve.org/view.php?id=CVE-2022-29089
28 Sep 2022 — Dell Networking OS10, versions prior to October 2021 with Smart Fabric Services enabled, contains an information disclosure vulnerability. A remote, unauthenticated attacker could potentially exploit this vulnerability by reverse engineering to retrieve sensitive information and access the REST API with admin privileges. Dell Networking OS10, versiones anteriores a octubre 2021 con Smart Fabric Services habilitado, contiene una vulnerabilidad de divulgación de información. Un atacante remoto no autenticado ... • https://www.dell.com/support/kbdoc/en-us/000202971/dsa-2022-135-dell-emc-smartfabric-os10-security-update-for-multiple-security-vulnerabilities • CWE-522: Insufficiently Protected Credentials •