Uncontrolled Resource Consumption Vulnerability in Dell Networking OS10
CVE-2021-36310

4.9MEDIUM

Key Information:

Vendor: Dell
Status: Dell Networking Os10
Vendor: CVE Published:; 20 November 2021

Summary

Dell Networking OS10, in its versions 10.4.3.x, 10.5.0.x, 10.5.1.x, and 10.5.2.x, has a flaw in the API service that may allow a high-privileged API user to exploit it. This can lead to significant resource exhaustion, causing a denial of service and interrupting network operations. It is crucial for users of these affected versions to assess their risk and apply mitigations as necessary.

Affected Version(s)

Dell Networking OS10 < 10.5.3.4

References

https://www.dell.com/support/kbdoc/en-us/000193076

x_refsource_MISC

CVSS V3.1

Score:

4.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 20, 2021
Vulnerability Reserved
Jul 8, 2021