cbcvebase.

Dell Smartfabric Os10 vulnerabilities

32 known vulnerabilities affecting dell/smartfabric_os10.

Total CVEs
32
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH20MEDIUM8LOW2

Vulnerabilities

Page 2 of 2
CVE-2024-49561P3HIGHCVSS 7.8≥ 10.5.4.0, < 10.5.4.14≥ 10.5.5.0, < 10.5.5.13+2 more2025-03-17
CVE-2024-49561 [HIGH] CWE-266 CVE-2024-49561: Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Inc Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
nvd
CVE-2024-49558P3HIGHCVSS 7.8≥ 10.5.4.0, < 10.5.4.13≥ 10.5.5.0, < 10.5.5.12+1 more2024-11-12
CVE-2024-49558 [HIGH] CWE-269 CVE-2024-49558: Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) an Imp Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
nvd
CVE-2025-36608P3MEDIUMCVSS 6.5fixed in 10.6.0.52025-07-30
CVE-2025-36608 [MEDIUM] CWE-611 CVE-2025-36608: Dell SmartFabric OS10 Software, versions prior to 10.6.0.5, contains an Improper Restriction of XML Dell SmartFabric OS10 Software, versions prior to 10.6.0.5, contains an Improper Restriction of XML External Entity Reference vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.
nvd
CVE-2022-34424P3HIGHCVSS 7.5≥ 10.5.1.0, < 10.5.1.11≥ 10.5.2.0, < 10.5.2.11+1 more2022-09-28
CVE-2022-34424 [HIGH] CWE-787 CVE-2022-34424: Networking OS10, versions 10.5.1.x, 10.5.2.x, and 10.5.3.x contain a vulnerability that could allow Networking OS10, versions 10.5.1.x, 10.5.2.x, and 10.5.3.x contain a vulnerability that could allow an attacker to cause a system crash by running particular security scans.
nvd
CVE-2025-22474P4MEDIUMCVSS 6.8≥ 10.5.4.0, < 10.5.4.14≥ 10.5.5.0, < 10.5.5.13+2 more2025-03-17
CVE-2025-22474 [MEDIUM] CWE-918 CVE-2025-22474: Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) a Serv Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) a Server-Side Request Forgery (SSRF) vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Server-side request forgery.
nvd
CVE-2024-48015P4MEDIUMCVSS 6.7≥ 10.5.4.0, < 10.5.4.14≥ 10.5.5.0, < 10.5.5.13+2 more2025-03-17
CVE-2024-48015 [MEDIUM] CWE-77 CVE-2024-48015: Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Imp Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution.
nvd
CVE-2024-48829P4MEDIUMCVSS 6.7fixed in 10.6.1.02025-11-12
CVE-2024-48829 [MEDIUM] CWE-94 CVE-2024-48829: Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Control of Generatio Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Control of Generation of Code ('Code Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
nvd
CVE-2025-30103P4MEDIUMCVSS 5.5fixed in 10.6.0.52025-07-30
CVE-2025-30103 [MEDIUM] CWE-552 CVE-2025-30103: Dell SmartFabric OS10 Software, versions prior to 10.6.0.5 contains a Files or Directories Accessibl Dell SmartFabric OS10 Software, versions prior to 10.6.0.5 contains a Files or Directories Accessible to External Parties vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Filesystem access for attacker.
nvd
CVE-2024-48828P4MEDIUMCVSS 5.5≥ 10.5.4.0, < 10.5.4.14≥ 10.5.5.0, < 10.5.5.13+2 more2025-03-17
CVE-2024-48828 [MEDIUM] CWE-269 CVE-2024-48828: Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Imp Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.
nvd
CVE-2022-29089P4MEDIUMCVSS 4.9≥ 10.5.1.0, < 10.5.1.11≥ 10.5.2.0, < 10.5.2.11+1 more2022-09-28
CVE-2022-29089 [MEDIUM] CWE-522 CVE-2022-29089: Dell Networking OS10, versions prior to October 2021 with Smart Fabric Services enabled, contains an Dell Networking OS10, versions prior to October 2021 with Smart Fabric Services enabled, contains an information disclosure vulnerability. A remote, unauthenticated attacker could potentially exploit this vulnerability by reverse engineering to retrieve sensitive information and access the REST API with admin privileges.
nvd
CVE-2022-34394P4LOWCVSS 3.7v10.5.3.42022-09-28
CVE-2022-34394 [LOW] CWE-295 CVE-2022-34394: Dell OS10, version 10.5.3.4, contains an Improper Certificate Validation vulnerability in Support As Dell OS10, version 10.5.3.4, contains an Improper Certificate Validation vulnerability in Support Assist. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to unauthorized access to limited switch configuration data. The vulnerability could be leveraged by attackers to conduct man-in-the-middle attacks to gain acce
nvd
CVE-2024-48838P4LOWCVSS 3.3≥ 10.5.4.0, < 10.5.4.13≥ 10.5.5.0, < 10.5.5.12+1 more2024-11-12
CVE-2024-48838 [LOW] CWE-552 CVE-2024-48838: Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) a File Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) a Files or Directories Accessible to External Parties vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Filesystem access for attacker.
nvd
Dell Smartfabric Os10 vulnerabilities | cvebase