CVE-2023-32484
9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Dell Networking Switches running Enterprise SONiC versions 4.1.0, 4.0.5, 3.5.4 and below contains an improper input validation vulnerability. A remote unauthenticated malicious user may exploit this vulnerability and escalate privileges up to the highest administrative level. This is a Critical vulnerability affecting certain protocols, Dell recommends customers to upgrade at the earliest opportunity.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Dell | Enterprise SONiC OS | 3.5.x | affected |
| Dell | Enterprise SONiC OS | 4.0.x | affected |
| Dell | Enterprise SONiC OS | 4.1.0 | affected |
Weaknesses
- CWE-20: CWE-20: Improper Input Validation
ADP Enrichment
CVE Program Container
Additional References
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.