DSA-2022-135: Dell SmartFabric OS10 Security Update for Multiple Security Vulnerabilities
摘要: Dell SmartFabric OS10 remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.
本文适用于
本文不适用于
本文并非针对某种特定的产品。
本文并非包含所有产品版本。
影响
High
详情
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2022-29089 | Networking OS10, versions before October 2021 with SmartFabric Services enabled, contains an information disclosure vulnerability. A remote, unauthenticated attacker may potentially exploit this vulnerability by reverse engineering to retrieve sensitive information and access the REST API with admin privileges. | 6.4 | CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H |
| CVE-2022-34424 | Networking OS10, versions 10.5.1.x, 10.5.2.x, and 10.5.3.x contain a vulnerability that may potentially allow an attacker to cause a system crash by running particular security scans. | 7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2022-29089 | Networking OS10, versions before October 2021 with SmartFabric Services enabled, contains an information disclosure vulnerability. A remote, unauthenticated attacker may potentially exploit this vulnerability by reverse engineering to retrieve sensitive information and access the REST API with admin privileges. | 6.4 | CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H |
| CVE-2022-34424 | Networking OS10, versions 10.5.1.x, 10.5.2.x, and 10.5.3.x contain a vulnerability that may potentially allow an attacker to cause a system crash by running particular security scans. | 7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
受影响的产品和补救措施
| Product | Affected Versions | Updated Versions | Link to Update |
| SmartFabric OS10 | Versions before 10.5.1.11 | 10.5.1.11 | Link to update |
| Versions before 10.5.2.11 | 10.5.2.11 | Link to update | |
| Versions before 10.5.3.5 | 10.5.3.5 | Link to update | |
| Versions before 10.5.4.0 | 10.5.4.0 | Link to update |
Note: The table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
| Product | Affected Versions | Updated Versions | Link to Update |
| SmartFabric OS10 | Versions before 10.5.1.11 | 10.5.1.11 | Link to update |
| Versions before 10.5.2.11 | 10.5.2.11 | Link to update | |
| Versions before 10.5.3.5 | 10.5.3.5 | Link to update | |
| Versions before 10.5.4.0 | 10.5.4.0 | Link to update |
Note: The table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
修订历史记录
| Revision | Date | Description |
| 1.0 | 2022-09-01 | Initial Release |
相关信息
法律免责声明
受影响的产品
SmartFabric OS10 Software产品
Product Security Information文章属性
文章编号: 000202971
文章类型: Dell Security Advisory
上次修改时间: 01 9月 2022
从其他戴尔用户那里查找问题的答案
支持服务
检查您的设备是否在支持服务涵盖的范围内。