CVE-2024-48017

Summary

Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution.

Affected Software

VendorProductVersion RangeStatus
DellSmartFabric OS10 Software10.5.4.xaffected
DellSmartFabric OS10 Software10.5.5.xaffected
DellSmartFabric OS10 Software10.5.6.xaffected
DellSmartFabric OS10 Software10.6.0.xaffected

Weaknesses

  • CWE-77: CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References