CVE-2024-49560

Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) a command injection vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:dell:smartfabric_os10:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:smartfabric_os10:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:smartfabric_os10:*:*:*:*:*:*:*:*

History

15 Nov 2024, 17:35

Type Values Removed Values Added
References () https://www.dell.com/support/kbdoc/en-us/000247217/dsa-2024-425-security-update-for-dell-networking-os10-vulnerabilities - () https://www.dell.com/support/kbdoc/en-us/000247217/dsa-2024-425-security-update-for-dell-networking-os10-vulnerabilities - Vendor Advisory
CPE cpe:2.3:o:dell:smartfabric_os10:*:*:*:*:*:*:*:*
First Time Dell smartfabric Os10
Dell

12 Nov 2024, 13:55

Type Values Removed Values Added
Summary
  • (es) El software Dell SmartFabric OS10, versiones 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contiene una vulnerabilidad de inyección de comandos. Un atacante con pocos privilegios y acceso local podría aprovechar esta vulnerabilidad, lo que provocaría la ejecución de comandos.

12 Nov 2024, 04:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-11-12 04:15

Updated : 2024-11-15 17:35


NVD link : CVE-2024-49560

Mitre link : CVE-2024-49560

CVE.ORG link : CVE-2024-49560


JSON object : View

Products Affected

dell

  • smartfabric_os10
CWE
CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')