HIGH✓ PATCH🇬🇧 English

CVE-2023-24574

CVSS 7.5v3.1pub. 2023-02-02upd. 2024-11-21

Dell Enterprise SONiC OS, 3.5.3, 4.0.0, 4.0.1, 4.0.2, contains an "Uncontrolled Resource Consumption vulnerability" in authentication component. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to uncontrolled resource consumption by creating permanent home directories for unauthenticated users.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Dell Enterprise Sonic Distribution

    OS
    Dell
    3.5.3 – 4.0.3 (bez)
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2024-45763CRITICAL9.1PL ✓ten sam produkt

OS Command Injection w Dell Enterprise SONiC OS 4.1.x i 4.2.x

CVE-2024-45764CRITICAL9.0PL ✓ten sam produkt

Dell Enterprise SONiC OS — pominięcie krytycznego kroku uwierzytelnienia

CVE-2024-45765CRITICAL9.1PL ✓ten sam produkt

OS Command Injection w Dell Enterprise SONiC OS (wersje 4.1.x, 4.2.x)

CVE-2023-32484CRITICAL9.8PL ✓ten sam produkt

Podatność improper input validation w Dell Enterprise SONiC — eskalacja uprawnień

CVE-2025-23374HIGH8.0ten sam produkt

Dell Networking Switches running Enterprise SONiC OS, version(s) prior to 4.4.1 and 4.2.3, contain(s) an Inser...