Dell Enterprise SONiC OS, 3.5.3, 4.0.0, 4.0.1, 4.0.2, contains an "Uncontrolled Resource Consumption vulnerability" in authentication component. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to uncontrolled resource consumption by creating permanent home directories for unauthenticated users.
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HDell Enterprise Sonic Distribution
OSDell3.5.3 – 4.0.3 (bez)
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Powiązane podatności
CVE-2024-45763CRITICAL9.1PL ✓ten sam produkt
OS Command Injection w Dell Enterprise SONiC OS 4.1.x i 4.2.x
CVE-2024-45764CRITICAL9.0PL ✓ten sam produkt
Dell Enterprise SONiC OS — pominięcie krytycznego kroku uwierzytelnienia
CVE-2024-45765CRITICAL9.1PL ✓ten sam produkt
OS Command Injection w Dell Enterprise SONiC OS (wersje 4.1.x, 4.2.x)
CVE-2023-32484CRITICAL9.8PL ✓ten sam produkt
Podatność improper input validation w Dell Enterprise SONiC — eskalacja uprawnień
CVE-2025-23374HIGH8.0ten sam produkt
Dell Networking Switches running Enterprise SONiC OS, version(s) prior to 4.4.1 and 4.2.3, contain(s) an Inser...