Vulnerability Description
Dell OS10 Networking Switches running 10.5.2.x and above contain a vulnerability with zeroMQ when VLT is configured. A remote unauthenticated attacker could potentially exploit this vulnerability leading to information disclosure and a possible Denial of Service when a huge number of requests are sent to the switch. This is a high severity vulnerability as it allows an attacker to view sensitive data. Dell recommends customers to upgrade at the earliest opportunity.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dell | Smartfabric Os10 | >= 10.5.2.0, < 10.5.2.12 |
Related Weaknesses (CWE)
References
- https://www.dell.com/support/kbdoc/en-us/000216584/dsa-2023-124-security-update-Vendor Advisory
- https://www.dell.com/support/kbdoc/en-us/000216584/dsa-2023-124-security-update-Vendor Advisory
FAQ
What is CVE-2023-28078?
CVE-2023-28078 is a vulnerability with a CVSS score of 9.1 (CRITICAL). Dell OS10 Networking Switches running 10.5.2.x and above contain a vulnerability with zeroMQ when VLT is configured. A remote unauthenticated attacker could potentially exploit this vulnerability lea...
How severe is CVE-2023-28078?
CVE-2023-28078 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2023-28078?
Check the references section above for vendor advisories and patch information. Affected products include: Dell Smartfabric Os10.