CVE-2024-25949

Summary

Dell OS10 Networking Switches, versions10.5.6.x, 10.5.5.x, 10.5.4.x and 10.5.3.x ,contain an improper authorization vulnerability. A remote authenticated attacker could potentially exploit this vulnerability leading to escalation of privileges.

Affected Software

VendorProductVersion RangeStatus
DellSmartFabric OS10 SoftwareN/A <= 10.5.6.xaffected
DellSmartFabric OS10 SoftwareN/A <= 10.5.5.xaffected
DellSmartFabric OS10 SoftwareN/A <= 10.5.4.xaffected
DellSmartFabric OS10 SoftwareN/A <= 10.5.3.xaffected

Weaknesses

  • CWE-285: CWE-285: Improper Authorization

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References