DSA-2022-135: Dell SmartFabric OS10 Security Update for Multiple Security Vulnerabilities
Samenvatting: Dell SmartFabric OS10 remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.
Dit artikel is van toepassing op
Dit artikel is niet van toepassing op
Dit artikel is niet gebonden aan een specifiek product.
Niet alle productversies worden in dit artikel vermeld.
Impact
High
Gegevens
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2022-29089 | Networking OS10, versions before October 2021 with SmartFabric Services enabled, contains an information disclosure vulnerability. A remote, unauthenticated attacker may potentially exploit this vulnerability by reverse engineering to retrieve sensitive information and access the REST API with admin privileges. | 6.4 | CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H |
| CVE-2022-34424 | Networking OS10, versions 10.5.1.x, 10.5.2.x, and 10.5.3.x contain a vulnerability that may potentially allow an attacker to cause a system crash by running particular security scans. | 7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2022-29089 | Networking OS10, versions before October 2021 with SmartFabric Services enabled, contains an information disclosure vulnerability. A remote, unauthenticated attacker may potentially exploit this vulnerability by reverse engineering to retrieve sensitive information and access the REST API with admin privileges. | 6.4 | CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H |
| CVE-2022-34424 | Networking OS10, versions 10.5.1.x, 10.5.2.x, and 10.5.3.x contain a vulnerability that may potentially allow an attacker to cause a system crash by running particular security scans. | 7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Getroffen producten en herstel
| Product | Affected Versions | Updated Versions | Link to Update |
| SmartFabric OS10 | Versions before 10.5.1.11 | 10.5.1.11 | Link to update |
| Versions before 10.5.2.11 | 10.5.2.11 | Link to update | |
| Versions before 10.5.3.5 | 10.5.3.5 | Link to update | |
| Versions before 10.5.4.0 | 10.5.4.0 | Link to update |
Note: The table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
| Product | Affected Versions | Updated Versions | Link to Update |
| SmartFabric OS10 | Versions before 10.5.1.11 | 10.5.1.11 | Link to update |
| Versions before 10.5.2.11 | 10.5.2.11 | Link to update | |
| Versions before 10.5.3.5 | 10.5.3.5 | Link to update | |
| Versions before 10.5.4.0 | 10.5.4.0 | Link to update |
Note: The table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
Revisiegeschiedenis
| Revision | Date | Description |
| 1.0 | 2022-09-01 | Initial Release |
Verwante informatie
Juridische verklaring van afstand
Getroffen producten
SmartFabric OS10 SoftwareProducten
Product Security InformationArtikeleigenschappen
Artikelnummer: 000202971
Artikeltype: Dell Security Advisory
Laatst aangepast: 01 sep. 2022
Vind antwoorden op uw vragen via andere Dell gebruikers
Support Services
Controleer of uw apparaat wordt gedekt door Support Services.