Описание
Dell Networking OS10, versions prior to October 2021 with Smart Fabric Services enabled, contains an information disclosure vulnerability. A remote, unauthenticated attacker could potentially exploit this vulnerability by reverse engineering to retrieve sensitive information and access the REST API with admin privileges.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 10.5.1.0 (включая) до 10.5.1.11 (исключая)Версия от 10.5.2.0 (включая) до 10.5.2.11 (исключая)Версия от 10.5.3.0 (включая) до 10.5.3.5 (исключая)
Одно из
cpe:2.3:o:dell:smartfabric_os10:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:smartfabric_os10:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:smartfabric_os10:*:*:*:*:*:*:*:*
EPSS
Процентиль: 41%
0.0019
Низкий
6.4 Medium
CVSS3
4.9 Medium
CVSS3
Дефекты
CWE-522
CWE-522
Связанные уязвимости
CVSS3: 4.9
github
больше 3 лет назад
Dell Networking OS10, versions prior to October 2021 with Smart Fabric Services enabled, contains an information disclosure vulnerability. A remote, unauthenticated attacker could potentially exploit this vulnerability by reverse engineering to retrieve sensitive information and access the REST API with admin privileges.
EPSS
Процентиль: 41%
0.0019
Низкий
6.4 Medium
CVSS3
4.9 Medium
CVSS3
Дефекты
CWE-522
CWE-522