DSA-2019-019: Dell Networking OS10 OS Command Injection Vulnerability
Summary: DSA-2019-019: Dell Networking OS10 OS Command Injection Vulnerability
Impact
High
Details
Dell OS10 versions prior to 10.4.2.1 contain a vulnerability caused by lack of proper input validation on the command-line interface (CLI). This could potentially allow an attacker to execute unexpected, dangerous commands directly on the operating system.
Dell OS10 versions prior to 10.4.2.1 contain a vulnerability caused by lack of proper input validation on the command-line interface (CLI). This could potentially allow an attacker to execute unexpected, dangerous commands directly on the operating system.
Produse afectate și măsuri de remediere
Affected products:
Dell OS10 versions prior to 10.4.2.1
Resolution:
The following Dell OS10 versions have been updated to address this vulnerability:
-
Dell OS10 versions 10.4.0-R3S,
-
Dell OS10 versions 10.4.1.4,
-
Dell OS10 versions 10.4.2.1 and later
Dell recommends all customers apply available patches at the earliest opportunity.
Affected products:
Dell OS10 versions prior to 10.4.2.1
Resolution:
The following Dell OS10 versions have been updated to address this vulnerability:
-
Dell OS10 versions 10.4.0-R3S,
-
Dell OS10 versions 10.4.1.4,
-
Dell OS10 versions 10.4.2.1 and later
Dell recommends all customers apply available patches at the earliest opportunity.
Acknowledgements
Dell would like to thank Thorsten Tüllmann from the Karlsruhe Institute of Technology for reporting this vulnerability.