Dell Networking OS10 vulnerabilities
9 known vulnerabilities affecting dell/networking_os10.
Total CVEs: 9
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown
CRITICAL: 2 | HIGH: 5 | MEDIUM: 1 | LOW: 1
Vulnerabilities
CVE-2021-36306 | P2 | CRITICAL | CVSS 9.8 | CWE-287 | fixed in 10.4.3.8; ≥ 10.5.0.0, < 10.5.0.10; +2 more | 2021-11-20
Networking OS10, versions prior to October 2021 with RESTCONF API enabled, contains an authentication bypass vulnerability. A remote unauthenticated attacker could exploit this vulnerability to gain access and perform actions on the affected system.
nvd
CVE-2021-36308 | P2 | CRITICAL | CVSS 9.8 | CWE-288 | fixed in 10.4.3.8; ≥ 10.5.0.0, < 10.5.0.10; +2 more | 2021-11-20
Networking OS10, versions prior to October 2021 with Smart Fabric Services enabled, contains an authentication bypass vulnerability. A remote unauthenticated attacker could exploit this vulnerability to gain access and perform actions on the affected system.
nvd
CVE-2021-36307 | P3 | HIGH | CVSS 8.8 | CWE-269 | fixed in 10.4.3.8; ≥ 10.5.0.0, < 10.5.0.10; +2 more | 2021-11-20
Networking OS10, versions prior to October 2021 with RESTCONF API enabled, contains a privilege escalation vulnerability. A malicious low privileged user with specific access to the API could potentially exploit this vulnerability to gain admin privileges on the affected system.
nvd
CVE-2024-25949 | P3 | HIGH | CVSS 8.8 | CWE-285 | ≥ 10.5.3.0, < 10.5.3.10; ≥ 10.5.4.0, < 10.5.4.11; +2 more | 2024-06-12
Dell OS10 Networking Switches, versions 10.5.6.x, 10.5.5.x, 10.5.4.x and 10.5.3.x, contain an improper authorization vulnerability. A remote authenticated attacker could potentially exploit this vulnerability leading to escalation of privileges.
nvd
CVE-2023-39248 | P3 | HIGH | CVSS 7.5 | CWE-400 | v10.5.5.5 | 2023-12-05
Dell OS10 Networking Switches running 10.5.2.x and above contain an Uncontrolled Resource Consumption (Denial of Service) vulnerability, when switches are configured with VLT and VRRP. A remote unauthenticated user can cause the network to be flooded leading to Denial of Service for actual network users. This is a high severity vulnerability as it allo
nvd
CVE-2018-15784 | P3 | HIGH | CVSS 7.4 | CWE-295 | fixed in 10.4.3.0 | 2019-01-18
Dell Networking OS10 versions prior to 10.4.3.0 contain a vulnerability in the Phone Home feature which does not properly validate the server's certificate authority during TLS handshake. Use of an invalid or malicious certificate could potentially allow an attacker to spoof a trusted entity by using a man-in-the-middle (MITM) attack.
nvd
CVE-2018-15778 | P3 | HIGH | CVSS 7.8 | CWE-20 | fixed in 10.4.2.1 | 2019-02-04
Dell OS10 versions prior to 10.4.2.1 contain a vulnerability caused by lack of proper input validation on the command-line interface (CLI).
nvd
CVE-2021-36310 | P4 | MEDIUM | CVSS 4.9 | CWE-693 | fixed in 10.4.3.8; ≥ 10.5.0.0, < 10.5.0.10; +2 more | 2021-11-20
Dell Networking OS10, versions 10.4.3.x, 10.5.0.x, 10.5.1.x & 10.5.2.x, contain an uncontrolled resource consumption flaw in its API service. A high-privileged API user may potentially exploit this vulnerability, leading to a denial of service.
nvd
CVE-2021-36319 | P4 | LOW | CVSS 3.3 | CWE-665 | fixed in 10.4.3.8; ≥ 10.5.0.0, < 10.5.0.10; +2 more | 2021-11-20
Dell Networking OS10 versions 10.4.3.x, 10.5.0.x and 10.5.1.x contain an information exposure vulnerability. A low privileged authenticated malicious user can gain access to SNMP authentication failure messages.
nvd