Vulnerability Details CVE-2023-28078
Dell OS10 Networking Switches running 10.5.2.x and above contain a vulnerability with zeroMQ when VLT is configured. A remote unauthenticated attacker could potentially exploit this vulnerability leading to information disclosure and a possible Denial of Service when a huge number of requests are sent to the switch. This is a high severity vulnerability as it allows an attacker to view sensitive data. Dell recommends customers to upgrade at the earliest opportunity.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 43.6%
CVSS Severity
CVSS v3 Score 9.1
References
Products affected by CVE-2023-28078
-
cpe:2.3:o:dell:smartfabric_os10:10.5.2.0
-
cpe:2.3:o:dell:smartfabric_os10:10.5.2.11
-
cpe:2.3:o:dell:smartfabric_os10:10.5.3.0
-
cpe:2.3:o:dell:smartfabric_os10:10.5.3.1
-
cpe:2.3:o:dell:smartfabric_os10:10.5.3.2
-
cpe:2.3:o:dell:smartfabric_os10:10.5.3.3
-
cpe:2.3:o:dell:smartfabric_os10:10.5.3.4
-
cpe:2.3:o:dell:smartfabric_os10:10.5.3.5
-
cpe:2.3:o:dell:smartfabric_os10:10.5.3.6
-
cpe:2.3:o:dell:smartfabric_os10:10.5.3.7
-
cpe:2.3:o:dell:smartfabric_os10:10.5.4.0
-
cpe:2.3:o:dell:smartfabric_os10:10.5.4.1
-
cpe:2.3:o:dell:smartfabric_os10:10.5.4.2
-
cpe:2.3:o:dell:smartfabric_os10:10.5.4.3
-
cpe:2.3:o:dell:smartfabric_os10:10.5.4.4
-
cpe:2.3:o:dell:smartfabric_os10:10.5.4.5
-
cpe:2.3:o:dell:smartfabric_os10:10.5.4.6
-
cpe:2.3:o:dell:smartfabric_os10:10.5.4.7
-
cpe:2.3:o:dell:smartfabric_os10:10.5.5.0
-
cpe:2.3:o:dell:smartfabric_os10:10.5.5.1
-
cpe:2.3:o:dell:smartfabric_os10:10.5.5.2
-
cpe:2.3:o:dell:smartfabric_os10:10.5.5.3