Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2023-32462

Опубликовано: 15 фев. 2024
Источник: nvd
CVSS3: 9.8
EPSS Низкий

Описание

Dell OS10 Networking Switches running 10.5.2.x and above contain an OS command injection vulnerability when using remote user authentication. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands and possible system takeover. This is a critical vulnerability as it allows an attacker to cause severe damage. Dell recommends customers to upgrade at the earliest opportunity.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:dell:smartfabric_os10:*:*:*:*:*:*:*:*
Версия от 10.5.2.0 (включая) до 10.5.2.12 (исключая)
cpe:2.3:o:dell:smartfabric_os10:*:*:*:*:*:*:*:*
Версия от 10.5.3.0 (включая) до 10.5.3.8 (исключая)
cpe:2.3:o:dell:smartfabric_os10:*:*:*:*:*:*:*:*
Версия от 10.5.4.0 (включая) до 10.5.4.8 (исключая)
cpe:2.3:o:dell:smartfabric_os10:10.5.5.0:*:*:*:*:*:*:*
cpe:2.3:o:dell:smartfabric_os10:10.5.5.1:*:*:*:*:*:*:*
cpe:2.3:o:dell:smartfabric_os10:10.5.5.2:*:*:*:*:*:*:*
cpe:2.3:o:dell:smartfabric_os10:10.5.5.3:*:*:*:*:*:*:*

EPSS

Процентиль: 82%
0.01703
Низкий

9.8 Critical

CVSS3

Дефекты

CWE-20
CWE-78

Связанные уязвимости

github логотип

GHSA-7fx5-87f8-g5qm

CVSS3: 9.8
github
почти 2 года назад

Dell OS10 Networking Switches running 10.5.2.x and above contain an OS command injection vulnerability when using remote user authentication. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands and possible system takeover. This is a critical vulnerability as it allows an attacker to cause severe damage. Dell recommends customers to upgrade at the earliest opportunity.

EPSS

Процентиль: 82%
0.01703
Низкий

9.8 Critical

CVSS3

Дефекты

CWE-20
CWE-78