Dell Smartfabric Os10 vulnerabilities
32 known vulnerabilities affecting dell/smartfabric_os10.
Total CVEs
32
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH20MEDIUM8LOW2
Vulnerabilities
Page 2 of 2
CVE-2024-49561P3HIGHCVSS 7.8≥ 10.5.4.0, < 10.5.4.14≥ 10.5.5.0, < 10.5.5.13+2 more2025-03-17
CVE-2024-49561 [HIGH] CWE-266 CVE-2024-49561: Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Inc
Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
nvd
CVE-2024-49558P3HIGHCVSS 7.8≥ 10.5.4.0, < 10.5.4.13≥ 10.5.5.0, < 10.5.5.12+1 more2024-11-12
CVE-2024-49558 [HIGH] CWE-269 CVE-2024-49558: Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) an Imp
Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
nvd
CVE-2025-36608P3MEDIUMCVSS 6.5fixed in 10.6.0.52025-07-30
CVE-2025-36608 [MEDIUM] CWE-611 CVE-2025-36608: Dell SmartFabric OS10 Software, versions prior to 10.6.0.5, contains an Improper Restriction of XML
Dell SmartFabric OS10 Software, versions prior to 10.6.0.5, contains an Improper Restriction of XML External Entity Reference vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.
nvd
CVE-2022-34424P3HIGHCVSS 7.5≥ 10.5.1.0, < 10.5.1.11≥ 10.5.2.0, < 10.5.2.11+1 more2022-09-28
CVE-2022-34424 [HIGH] CWE-787 CVE-2022-34424: Networking OS10, versions 10.5.1.x, 10.5.2.x, and 10.5.3.x contain a vulnerability that could allow
Networking OS10, versions 10.5.1.x, 10.5.2.x, and 10.5.3.x contain a vulnerability that could allow an attacker to cause a system crash by running particular security scans.
nvd
CVE-2025-22474P4MEDIUMCVSS 6.8≥ 10.5.4.0, < 10.5.4.14≥ 10.5.5.0, < 10.5.5.13+2 more2025-03-17
CVE-2025-22474 [MEDIUM] CWE-918 CVE-2025-22474: Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) a Serv
Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) a Server-Side Request Forgery (SSRF) vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Server-side request forgery.
nvd
CVE-2024-48015P4MEDIUMCVSS 6.7≥ 10.5.4.0, < 10.5.4.14≥ 10.5.5.0, < 10.5.5.13+2 more2025-03-17
CVE-2024-48015 [MEDIUM] CWE-77 CVE-2024-48015: Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Imp
Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution.
nvd
CVE-2024-48829P4MEDIUMCVSS 6.7fixed in 10.6.1.02025-11-12
CVE-2024-48829 [MEDIUM] CWE-94 CVE-2024-48829: Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Control of Generatio
Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Control of Generation of Code ('Code Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
nvd
CVE-2025-30103P4MEDIUMCVSS 5.5fixed in 10.6.0.52025-07-30
CVE-2025-30103 [MEDIUM] CWE-552 CVE-2025-30103: Dell SmartFabric OS10 Software, versions prior to 10.6.0.5 contains a Files or Directories Accessibl
Dell SmartFabric OS10 Software, versions prior to 10.6.0.5 contains a Files or Directories Accessible to External Parties vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Filesystem access for attacker.
nvd
CVE-2024-48828P4MEDIUMCVSS 5.5≥ 10.5.4.0, < 10.5.4.14≥ 10.5.5.0, < 10.5.5.13+2 more2025-03-17
CVE-2024-48828 [MEDIUM] CWE-269 CVE-2024-48828: Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Imp
Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.
nvd
CVE-2022-29089P4MEDIUMCVSS 4.9≥ 10.5.1.0, < 10.5.1.11≥ 10.5.2.0, < 10.5.2.11+1 more2022-09-28
CVE-2022-29089 [MEDIUM] CWE-522 CVE-2022-29089: Dell Networking OS10, versions prior to October 2021 with Smart Fabric Services enabled, contains an
Dell Networking OS10, versions prior to October 2021 with Smart Fabric Services enabled, contains an information disclosure vulnerability. A remote, unauthenticated attacker could potentially exploit this vulnerability by reverse engineering to retrieve sensitive information and access the REST API with admin privileges.
nvd
CVE-2022-34394P4LOWCVSS 3.7v10.5.3.42022-09-28
CVE-2022-34394 [LOW] CWE-295 CVE-2022-34394: Dell OS10, version 10.5.3.4, contains an Improper Certificate Validation vulnerability in Support As
Dell OS10, version 10.5.3.4, contains an Improper Certificate Validation vulnerability in Support Assist. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to unauthorized access to limited switch configuration data. The vulnerability could be leveraged by attackers to conduct man-in-the-middle attacks to gain acce
nvd
CVE-2024-48838P4LOWCVSS 3.3≥ 10.5.4.0, < 10.5.4.13≥ 10.5.5.0, < 10.5.5.12+1 more2024-11-12
CVE-2024-48838 [LOW] CWE-552 CVE-2024-48838: Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) a File
Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) a Files or Directories Accessible to External Parties vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Filesystem access for attacker.
nvd
← Previous2 / 2