Article Number: 000202974
Low
Proprietary Code CVE | Description | CVSS Base Score | CVSS Vector String |
CVE-2022-34394 | Dell OS10 version 10.5.3.4 contains an Improper Certificate Validation vulnerability in SupportAssist under specific conditions. A remote unauthenticated user may potentially exploit this vulnerability, leading to unauthorized access to limited switch configuration data that could be leveraged to conduct man-in-the-middle attacks. | 3.7 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N |
Proprietary Code CVE | Description | CVSS Base Score | CVSS Vector String |
CVE-2022-34394 | Dell OS10 version 10.5.3.4 contains an Improper Certificate Validation vulnerability in SupportAssist under specific conditions. A remote unauthenticated user may potentially exploit this vulnerability, leading to unauthorized access to limited switch configuration data that could be leveraged to conduct man-in-the-middle attacks. | 3.7 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N |
Product | Affected Version | Updated Version | Link to Update |
Dell Networking OS10 | 10.5.3.4 | 10.5.3.5 | Link to update |
The user can also upgrade to 10.5.4.0 |
Product | Affected Version | Updated Version | Link to Update |
Dell Networking OS10 | 10.5.3.4 | 10.5.3.5 | Link to update |
The user can also upgrade to 10.5.4.0 |
A system configuration file can be manually edited through system CLI.
Revision | Date | Description |
1.0 | 2022-09-01 | Initial Release |
1.1 | 2022-09-06 | Updated DSA ID |
SmartFabric OS10 Software
Product Security Information
06 Sep 2022
Dell Security Advisory