CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-34424
https://notcve.org/view.php?id=CVE-2022-34424
Networking OS10, versions 10.5.1.x, 10.5.2.x, and 10.5.3.x contain a vulnerability that could allow an attacker to cause a system crash by running particular security scans. Networking OS10, versiones 10.5.1.x, 10.5.2.x y 10.5.3.x contienen una vulnerabilidad que podría permitir a un atacante causar un fallo del sistema al ejecutar determinados escaneos de seguridad • https://www.dell.com/support/kbdoc/en-us/000202971/dsa-2022-135-dell-emc-smartfabric-os10-security-update-for-multiple-security-vulnerabilities • CWE-787: Out-of-bounds Write •
CVSS: 6.4EPSS: 0%CPEs: 3EXPL: 0CVE-2022-29089
https://notcve.org/view.php?id=CVE-2022-29089
Dell Networking OS10, versions prior to October 2021 with Smart Fabric Services enabled, contains an information disclosure vulnerability. A remote, unauthenticated attacker could potentially exploit this vulnerability by reverse engineering to retrieve sensitive information and access the REST API with admin privileges. Dell Networking OS10, versiones anteriores a octubre 2021 con Smart Fabric Services habilitado, contiene una vulnerabilidad de divulgación de información. Un atacante remoto no autenticado podría explotar esta vulnerabilidad mediante ingeniería inversa para recuperar información confidencial y acceder a la API REST con privilegios de administrador • https://www.dell.com/support/kbdoc/en-us/000202971/dsa-2022-135-dell-emc-smartfabric-os10-security-update-for-multiple-security-vulnerabilities • CWE-522: Insufficiently Protected Credentials •