Improper Authorization in Dell OS10 Networking Switches
CVE-2024-25949

8.8HIGH

Key Information:

Vendor: Dell
Status: Networking Os10
Vendor: CVE Published:; 12 June 2024

What is CVE-2024-25949?

Dell OS10 Networking Switches are affected by an improper authorization vulnerability, which allows a remote authenticated attacker to exploit the system. This flaw can potentially lead to privilege escalation, granting the attacker unauthorized access and control over the affected networking devices. The vulnerability is present in several versions of the OS10 Networking Switches, underscoring the importance of timely updates and patches to mitigate risk.

References

https://www.dell.com/support/kbdoc/en-us/000225922/dsa-20...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 12, 2024