CRITICAL✓ PATCH🇵🇱 Wersja polska

CVE-2024-45764

CVSS 9.0v3.1pub. 2024-11-08upd. 2024-11-13

Dell Enterprise SONiC OS, version(s) 4.1.x, 4.2.x, contain(s) a Missing Critical Step in Authentication vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Protection mechanism bypass. This is a critical severity vulnerability so Dell recommends customers to upgrade at the earliest opportunity.

CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
  • Dell Enterprise Sonic Distribution

    OS
    Dell
    4.1.0 – 4.1.6 (bez)4.2.0 – 4.2.2 (bez)
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2024-45763CRITICAL9.1PL ✓ten sam produkt

OS Command Injection w Dell Enterprise SONiC OS 4.1.x i 4.2.x

CVE-2024-45765CRITICAL9.1PL ✓ten sam produkt

OS Command Injection w Dell Enterprise SONiC OS (wersje 4.1.x, 4.2.x)

CVE-2023-32484CRITICAL9.8PL ✓ten sam produkt

Podatność improper input validation w Dell Enterprise SONiC — eskalacja uprawnień

CVE-2025-23374HIGH8.0ten sam produkt

Dell Networking Switches running Enterprise SONiC OS, version(s) prior to 4.4.1 and 4.2.3, contain(s) an Inser...

CVE-2023-24574HIGH7.5ten sam produkt

Dell Enterprise SONiC OS, 3.5.3, 4.0.0, 4.0.1, 4.0.2, contains an "Uncontrolled Resource Consumption vulnerab...