Impact
Low
Details
Proprietary Code CVE |
Description |
CVSS Base Score |
CVSS Vector String |
CVE-2022-34394 |
Dell OS10 version 10.5.3.4 contains an Improper Certificate Validation vulnerability in SupportAssist under specific conditions. A remote unauthenticated user may potentially exploit this vulnerability, leading to unauthorized access to limited switch configuration data that could be leveraged to conduct man-in-the-middle attacks. |
3.7 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N |
Proprietary Code CVE |
Description |
CVSS Base Score |
CVSS Vector String |
CVE-2022-34394 |
Dell OS10 version 10.5.3.4 contains an Improper Certificate Validation vulnerability in SupportAssist under specific conditions. A remote unauthenticated user may potentially exploit this vulnerability, leading to unauthorized access to limited switch configuration data that could be leveraged to conduct man-in-the-middle attacks. |
3.7 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N |
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.
Product |
Affected Version |
Updated Version |
Link to Update |
Dell Networking OS10 |
10.5.3.4 |
10.5.3.5 |
Link to update |
The user can also upgrade to 10.5.4.0 |
Note: The table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
Product |
Affected Version |
Updated Version |
Link to Update |
Dell Networking OS10 |
10.5.3.4 |
10.5.3.5 |
Link to update |
The user can also upgrade to 10.5.4.0 |
Note: The table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
Workarounds & Mitigations
A system configuration file can be manually edited through system CLI.
Revision History
Revision | Date | Description |
1.0 | 2022-09-01 | Initial Release |
1.1 | 2022-09-06 | Updated DSA ID |
Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide
Affected Products
SmartFabric OS10 Software
Products
Product Security Information