Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Sign In Create an Account Dell Financial Services Premier Sign In Partner Program Sign In
Contact Us

Your Dell.com Carts

Article Number: 000142647

DSA-2019-019: Dell Networking OS10 OS Command Injection Vulnerability

Summary: DSA-2019-019: Dell Networking OS10 OS Command Injection Vulnerability

Article Content

Impact

High

Details

Dell OS10 versions prior to 10.4.2.1 contain a vulnerability caused by lack of proper input validation on the command-line interface (CLI). This could potentially allow an attacker to execute unexpected, dangerous commands directly on the operating system.

Dell OS10 versions prior to 10.4.2.1 contain a vulnerability caused by lack of proper input validation on the command-line interface (CLI). This could potentially allow an attacker to execute unexpected, dangerous commands directly on the operating system.

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

Affected products: 

Dell OS10 versions prior to 10.4.2.1

Resolution: 

The following Dell OS10 versions have been updated to address this vulnerability:

  •  Dell OS10 versions 10.4.0-R3S,

  •  Dell OS10 versions 10.4.1.4,

  •  Dell OS10 versions 10.4.2.1 and later

    Dell recommends all customers apply available patches at the earliest opportunity.

Affected products: 

Dell OS10 versions prior to 10.4.2.1

Resolution: 

The following Dell OS10 versions have been updated to address this vulnerability:

  •  Dell OS10 versions 10.4.0-R3S,

  •  Dell OS10 versions 10.4.1.4,

  •  Dell OS10 versions 10.4.2.1 and later

    Dell recommends all customers apply available patches at the earliest opportunity.

Acknowledgements

Dell would like to thank Thorsten Tüllmann from the Karlsruhe Institute of Technology for reporting this vulnerability.

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Information

Article Properties

Affected Product

Networking

Last Published Date

21 Feb 2021

Version

4

Article Type

Dell Security Advisory

Back to Top