OS10
by Dell
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-32462 | 0.00 | — | 0.01 | Feb 15, 2024 | Dell OS10 Networking Switches running 10.5.2.x and above contain an OS command injection vulnerability when using remote user authentication. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands and… | |||
| CVE-2022-34424 | 0.00 | — | 0.00 | Sep 28, 2022 | Networking OS10, versions 10.5.1.x, 10.5.2.x, and 10.5.3.x contain a vulnerability that could allow an attacker to cause a system crash by running particular security scans. | |||
| CVE-2022-34394 | 0.00 | — | 0.00 | Sep 28, 2022 | Dell OS10, version 10.5.3.4, contains an Improper Certificate Validation vulnerability in Support Assist. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to unauthorized access to limited switch configuration data. The vulnerability could… | |||
| CVE-2022-29089 | 0.00 | — | 0.00 | Sep 28, 2022 | Dell Networking OS10, versions prior to October 2021 with Smart Fabric Services enabled, contains an information disclosure vulnerability. A remote, unauthenticated attacker could potentially exploit this vulnerability by reverse engineering to retrieve sensitive information and… | |||
| CVE-2021-36307 | 0.00 | — | 0.00 | Nov 20, 2021 | Networking OS10, versions prior to October 2021 with RESTCONF API enabled, contains a privilege escalation vulnerability. A malicious low privileged user with specific access to the API could potentially exploit this vulnerability to gain admin privileges on the affected system. | |||
| CVE-2021-36306 | 0.00 | — | 0.02 | Nov 20, 2021 | Networking OS10, versions prior to October 2021 with RESTCONF API enabled, contains an authentication bypass vulnerability. A remote unauthenticated attacker could exploit this vulnerability to gain access and perform actions on the affected system. | |||
| CVE-2018-15778 | 0.00 | — | 0.00 | Feb 4, 2019 | Dell OS10 versions prior to 10.4.2.1 contain a vulnerability caused by lack of proper input validation on the command-line interface (CLI). |
- CVE-2023-32462Feb 15, 2024risk 0.00cvss —epss 0.01
Dell OS10 Networking Switches running 10.5.2.x and above contain an OS command injection vulnerability when using remote user authentication. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands and…
- CVE-2022-34424Sep 28, 2022risk 0.00cvss —epss 0.00
Networking OS10, versions 10.5.1.x, 10.5.2.x, and 10.5.3.x contain a vulnerability that could allow an attacker to cause a system crash by running particular security scans.
- CVE-2022-34394Sep 28, 2022risk 0.00cvss —epss 0.00
Dell OS10, version 10.5.3.4, contains an Improper Certificate Validation vulnerability in Support Assist. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to unauthorized access to limited switch configuration data. The vulnerability could…
- CVE-2022-29089Sep 28, 2022risk 0.00cvss —epss 0.00
Dell Networking OS10, versions prior to October 2021 with Smart Fabric Services enabled, contains an information disclosure vulnerability. A remote, unauthenticated attacker could potentially exploit this vulnerability by reverse engineering to retrieve sensitive information and…
- CVE-2021-36307Nov 20, 2021risk 0.00cvss —epss 0.00
Networking OS10, versions prior to October 2021 with RESTCONF API enabled, contains a privilege escalation vulnerability. A malicious low privileged user with specific access to the API could potentially exploit this vulnerability to gain admin privileges on the affected system.
- CVE-2021-36306Nov 20, 2021risk 0.00cvss —epss 0.02
Networking OS10, versions prior to October 2021 with RESTCONF API enabled, contains an authentication bypass vulnerability. A remote unauthenticated attacker could exploit this vulnerability to gain access and perform actions on the affected system.
- CVE-2018-15778Feb 4, 2019risk 0.00cvss —epss 0.00
Dell OS10 versions prior to 10.4.2.1 contain a vulnerability caused by lack of proper input validation on the command-line interface (CLI).