Dell Networking Switches running Enterprise SONiC OS, version(s) prior to 4.4.1 and 4.2.3, contain(s) an Insertion of Sensitive Information into Log File vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:HDell Enterprise Sonic Distribution
OSDell4.4.0< 4.2.3
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
Related vulnerabilities
CVE-2024-45763CRITICAL9.1PL ✓ten sam produkt
OS Command Injection w Dell Enterprise SONiC OS 4.1.x i 4.2.x
CVE-2024-45764CRITICAL9.0PL ✓ten sam produkt
Dell Enterprise SONiC OS — pominięcie krytycznego kroku uwierzytelnienia
CVE-2024-45765CRITICAL9.1PL ✓ten sam produkt
OS Command Injection w Dell Enterprise SONiC OS (wersje 4.1.x, 4.2.x)
CVE-2023-32484CRITICAL9.8PL ✓ten sam produkt
Podatność improper input validation w Dell Enterprise SONiC — eskalacja uprawnień
CVE-2023-24574HIGH7.5ten sam produkt
Dell Enterprise SONiC OS, 3.5.3, 4.0.0, 4.0.1, 4.0.2, contains an "Uncontrolled Resource Consumption vulnerab...