HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2023-24574

CVSS 7.5v3.1pub. 2023-02-02upd. 2024-11-21

Dell Enterprise SONiC OS, 3.5.3, 4.0.0, 4.0.1, 4.0.2, contains an "Uncontrolled Resource Consumption vulnerability" in authentication component. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to uncontrolled resource consumption by creating permanent home directories for unauthenticated users.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Dell Enterprise Sonic Distribution

    OS
    Dell
    3.5.3 – 4.0.3 (bez)
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2024-45763CRITICAL9.1PL ✓ten sam produkt

OS Command Injection w Dell Enterprise SONiC OS 4.1.x i 4.2.x

CVE-2024-45764CRITICAL9.0PL ✓ten sam produkt

Dell Enterprise SONiC OS — pominięcie krytycznego kroku uwierzytelnienia

CVE-2024-45765CRITICAL9.1PL ✓ten sam produkt

OS Command Injection w Dell Enterprise SONiC OS (wersje 4.1.x, 4.2.x)

CVE-2023-32484CRITICAL9.8PL ✓ten sam produkt

Podatność improper input validation w Dell Enterprise SONiC — eskalacja uprawnień

CVE-2025-23374HIGH8.0ten sam produkt

Dell Networking Switches running Enterprise SONiC OS, version(s) prior to 4.4.1 and 4.2.3, contain(s) an Inser...