Vulnerability Description
Dell OS10 Networking Switches running 10.5.2.x and above contain an OS command injection vulnerability when using remote user authentication. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands and possible system takeover. This is a critical vulnerability as it allows an attacker to cause severe damage. Dell recommends customers to upgrade at the earliest opportunity.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dell | Smartfabric Os10 | >= 10.5.2.0, < 10.5.2.12 |
Related Weaknesses (CWE)
References
- https://www.dell.com/support/kbdoc/en-us/000216584/dsa-2023-124-security-update-Vendor Advisory
- https://www.dell.com/support/kbdoc/en-us/000216584/dsa-2023-124-security-update-Vendor Advisory
FAQ
What is CVE-2023-32462?
CVE-2023-32462 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Dell OS10 Networking Switches running 10.5.2.x and above contain an OS command injection vulnerability when using remote user authentication. A remote unauthenticated attacker could potentially explo...
How severe is CVE-2023-32462?
CVE-2023-32462 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2023-32462?
Check the references section above for vendor advisories and patch information. Affected products include: Dell Smartfabric Os10.