CVE-2024-39577

Summary

Dell SmartFabric OS10 Software, versions 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability leading to code execution.

Affected Software

VendorProductVersion RangeStatus
DellSmartFabric OS10 Software10.5.6.xaffected
DellSmartFabric OS10 Software10.5.5.xaffected
DellSmartFabric OS10 Software10.5.4.xaffected
DellSmartFabric OS10 Software10.5.3.xaffected

Weaknesses

  • CWE-77: CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References