Lucene search

[email protected]NVD:CVE-2024-25949

HistoryJun 12, 2024 - 1:15 p.m.

CVE-2024-25949

2024-06-1213:15:49

CWE-285

[email protected]

web.nvd.nist.gov

cve-2024-25949

dell

networking switches

authorization

vulnerability

escalation of privileges

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

20.0%

JSON

Dell OS10 Networking Switches, versions10.5.6.x, 10.5.5.x, 10.5.4.x and 10.5.3.x ,contain an improper authorization vulnerability. A remote authenticated attacker could potentially exploit this vulnerability leading to escalation of privileges.

Affected configurations

Nvd

Node

dellnetworking_os10Range10.5.3.0–10.5.3.10

dellnetworking_os10Range10.5.4.0–10.5.4.11

dellnetworking_os10Range10.5.5.0–10.5.5.8

dellnetworking_os10Match10.5.6.0

VendorProductVersionCPE
dellnetworking_os10*cpe:2.3:o:dell:networking_os10:*:*:*:*:*:*:*:*
dellnetworking_os1010.5.6.0cpe:2.3:o:dell:networking_os10:10.5.6.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
dell	networking_os10	*	cpe:2.3:o:dell:networking_os10::::::::
dell	networking_os10	10.5.6.0	cpe:2.3:o:dell:networking_os10:10.5.6.0:::::::*

References

www.dell.com/support/kbdoc/en-us/000225922/dsa-2024-087-security-update-for-dell-networking-os10-vulnerability

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

20.0%

JSON

Related for NVD:CVE-2024-25949

cve1 cvelist1 vulnrichment1