CVE-2019-3710

Summary

Dell EMC Networking OS10 versions prior to 10.4.3 contain a cryptographic key vulnerability due to an underlying application using undocumented, pre-installed X.509v3 key/certificate pairs. An unauthenticated remote attacker with the knowledge of the default keys may potentially be able to intercept communications or operate the system with elevated privileges.

Affected Software

VendorProductVersion RangeStatus
Dell EMCDell EMC Networking OS10unspecified < 10.4.3.0affected

Weaknesses

  • Undocumented Default Cryptographic Key

ADP Enrichment

CVE Program Container

Additional References

References