DSA-2019-019: Dell Networking OS10 OS Command Injection Vulnerability
Resumen: DSA-2019-019: Dell Networking OS10 OS Command Injection Vulnerability
Impacto
High
Detalles
Dell OS10 versions prior to 10.4.2.1 contain a vulnerability caused by lack of proper input validation on the command-line interface (CLI). This could potentially allow an attacker to execute unexpected, dangerous commands directly on the operating system.
Dell OS10 versions prior to 10.4.2.1 contain a vulnerability caused by lack of proper input validation on the command-line interface (CLI). This could potentially allow an attacker to execute unexpected, dangerous commands directly on the operating system.
Corrección y productos afectados
Affected products:
Dell OS10 versions prior to 10.4.2.1
Resolution:
The following Dell OS10 versions have been updated to address this vulnerability:
-
Dell OS10 versions 10.4.0-R3S,
-
Dell OS10 versions 10.4.1.4,
-
Dell OS10 versions 10.4.2.1 and later
Dell recommends all customers apply available patches at the earliest opportunity.
Affected products:
Dell OS10 versions prior to 10.4.2.1
Resolution:
The following Dell OS10 versions have been updated to address this vulnerability:
-
Dell OS10 versions 10.4.0-R3S,
-
Dell OS10 versions 10.4.1.4,
-
Dell OS10 versions 10.4.2.1 and later
Dell recommends all customers apply available patches at the earliest opportunity.
Reconocimientos
Dell would like to thank Thorsten Tüllmann from the Karlsruhe Institute of Technology for reporting this vulnerability.