CVE-2024-48830

Summary

Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution.

Affected Software

VendorProductVersion RangeStatus
DellSmartFabric OS10 Software10.5.4.xaffected
DellSmartFabric OS10 Software10.5.5.xaffected
DellSmartFabric OS10 Software10.5.6.xaffected
DellSmartFabric OS10 Software10.6.0.xaffected

Weaknesses

  • CWE-77: CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References