CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-24574
https://notcve.org/view.php?id=CVE-2023-24574
Dell Enterprise SONiC OS, 3.5.3, 4.0.0, 4.0.1, 4.0.2, contains an "Uncontrolled Resource Consumption vulnerability" in authentication component. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to uncontrolled resource consumption by creating permanent home directories for unauthenticated users. • https://www.dell.com/support/kbdoc/en-us/000208165/dsa-2023-039-dell-emc-enterprise-sonic-security-update-for-an-uncontrolled-resource-consumption-vulnerability • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-34425
https://notcve.org/view.php?id=CVE-2022-34425
Dell Enterprise SONiC OS, 4.0.0, 4.0.1, contain a cryptographic key vulnerability in SSH. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to unauthorized access to communication. Dell Enterprise SONiC OS, versiones 4.0.0, 4.0.1, contienen una vulnerabilidad de clave criptográfica en SSH. Un atacante remoto no autenticado podría explotar esta vulnerabilidad, conllevando a un acceso no autorizado a la comunicación • https://www.dell.com/support/kbdoc/en-us/000203395/dsa-2022-257-dell-emc-enterprise-sonic-security-update-for-ssh-cryptographic-key-vulnerability • CWE-321: Use of Hard-coded Cryptographic Key CWE-798: Use of Hard-coded Credentials •