Article Number: 000225922
High
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
---|---|---|---|
CVE-2024-25949 | Dell OS10 Networking Switches, versions10.5.6.x, 10.5.5.x, 10.5.4.x and 10.5.3.x ,contain an improper authorization vulnerability. A remote authenticated attacker could potentially exploit this vulnerability leading to escalation of privileges. | 8.8 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
---|---|---|---|
CVE-2024-25949 | Dell OS10 Networking Switches, versions10.5.6.x, 10.5.5.x, 10.5.4.x and 10.5.3.x ,contain an improper authorization vulnerability. A remote authenticated attacker could potentially exploit this vulnerability leading to escalation of privileges. | 8.8 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Product | Affected Versions | Remediated Versions | Link |
---|---|---|---|
Dell Networking OS10 | 10.5.6.x | 10.5.6.1 | SmartFabric OS10 downloads page |
Dell Networking OS10 | 10.5.5.x | 10.5.5.8 | SmartFabric OS10 downloads page |
Dell Networking OS10 | 10.5.4.x | 10.5.4.11 | SmartFabric OS10 downloads page |
Dell Networking OS10 | 10.5.3.x | 10.5.3.10 | SmartFabric OS10 downloads page |
Product | Affected Versions | Remediated Versions | Link |
---|---|---|---|
Dell Networking OS10 | 10.5.6.x | 10.5.6.1 | SmartFabric OS10 downloads page |
Dell Networking OS10 | 10.5.5.x | 10.5.5.8 | SmartFabric OS10 downloads page |
Dell Networking OS10 | 10.5.4.x | 10.5.4.11 | SmartFabric OS10 downloads page |
Dell Networking OS10 | 10.5.3.x | 10.5.3.10 | SmartFabric OS10 downloads page |
CVE ID | Workaround and Mitigation |
---|---|
CVE-2024-25949 | Review the configuration between ISE and TACACS for possible mis-configurations. |
Revision | Date | Description |
---|---|---|
1.0 | 2024-06-10 | Initial release |
2.0 | 2024-06-12 | Updates to table formatting only. No content changes. |
SmartFabric OS10 Software
12 Jun 2024
Dell Security Advisory