CVE-2022-34394
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Dell OS10, version 10.5.3.4, contains an Improper Certificate Validation vulnerability in Support Assist. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to unauthorized access to limited switch configuration data. The vulnerability could be leveraged by attackers to conduct man-in-the-middle attacks to gain access to the Support Assist information.
Dell OS10, versión 10.5.3.4, contiene una vulnerabilidad de comprobación inapropiada de certificados en Support Assist. Un atacante remoto no autenticado podría explotar esta vulnerabilidad, lo que conllevaría un acceso no autorizado a datos limitados de configuración del conmutador. La vulnerabilidad podría ser aprovechada por los atacantes para conducir ataques de tipo man-in-the-middle para conseguir acceso a la información de Support Assist
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-06-23 CVE Reserved
- 2022-09-28 CVE Published
- 2024-03-24 EPSS Updated
- 2024-09-17 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-295: Improper Certificate Validation
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Dell Search vendor "Dell" | Smartfabric Os10 Search vendor "Dell" for product "Smartfabric Os10" | 10.5.3.4 Search vendor "Dell" for product "Smartfabric Os10" and version "10.5.3.4" | - |
Affected
| ||||||