Vulnerability Details CVE-2023-24574
Dell Enterprise SONiC OS, 3.5.3, 4.0.0, 4.0.1, 4.0.2, contains an "Uncontrolled Resource Consumption vulnerability" in authentication component. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to uncontrolled resource consumption by creating permanent home directories for unauthenticated users.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.0%
CVSS Severity
CVSS v3 Score 7.5
References
- https://www.dell.com/support/kbdoc/en-us/000208165/dsa-2023-039-dell-emc-enterprise-sonic-security-update-for-an-uncontrolled-resource-consumption-vulnerability
- https://www.dell.com/support/kbdoc/en-us/000208165/dsa-2023-039-dell-emc-enterprise-sonic-security-update-for-an-uncontrolled-resource-consumption-vulnerability
Products affected by CVE-2023-24574
-
cpe:2.3:o:dell:enterprise_sonic_distribution:3.5.3
-
cpe:2.3:o:dell:enterprise_sonic_distribution:3.5.4
-
cpe:2.3:o:dell:enterprise_sonic_distribution:3.5.5
-
cpe:2.3:o:dell:enterprise_sonic_distribution:4.0.0
-
cpe:2.3:o:dell:enterprise_sonic_distribution:4.0.1
-
cpe:2.3:o:dell:enterprise_sonic_distribution:4.0.2