Dell Enterprise SONiC OS, version(s) 4.1.x, 4.2.x, contain(s) a Missing Critical Step in Authentication vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Protection mechanism bypass. This is a critical severity vulnerability so Dell recommends customers to upgrade at the earliest opportunity.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:HDell Enterprise Sonic Distribution
OSDell4.1.0 – 4.1.6 (bez)4.2.0 – 4.2.2 (bez)
Related vulnerabilities
OS Command Injection w Dell Enterprise SONiC OS 4.1.x i 4.2.x
OS Command Injection w Dell Enterprise SONiC OS (wersje 4.1.x, 4.2.x)
Podatność improper input validation w Dell Enterprise SONiC — eskalacja uprawnień
Dell Networking Switches running Enterprise SONiC OS, version(s) prior to 4.4.1 and 4.2.3, contain(s) an Inser...
Dell Enterprise SONiC OS, 3.5.3, 4.0.0, 4.0.1, 4.0.2, contains an "Uncontrolled Resource Consumption vulnerab...