Shodan
Vulnerabilities
Vulnerable Software
Dell:  >> Networking Os10  >> 10.4.0-r3s  Security Vulnerabilities
CVE-2021-36306
Networking OS10, versions prior to October 2021 with RESTCONF API enabled, contains an authentication bypass vulnerability. A remote unauthenticated attacker could exploit this vulnerability to gain access and perform actions on the affected system.
CVSS Score
8.1
EPSS Score
0.017
Published
2021-11-20
CVE-2021-36307
Networking OS10, versions prior to October 2021 with RESTCONF API enabled, contains a privilege escalation vulnerability. A malicious low privileged user with specific access to the API could potentially exploit this vulnerability to gain admin privileges on the affected system.
CVSS Score
8.8
EPSS Score
0.002
Published
2021-11-20
CVE-2021-36308
Networking OS10, versions prior to October 2021 with Smart Fabric Services enabled, contains an authentication bypass vulnerability. A remote unauthenticated attacker could exploit this vulnerability to gain access and perform actions on the affected system.
CVSS Score
5.9
EPSS Score
0.017
Published
2021-11-20
CVE-2021-36310
Dell Networking OS10, versions 10.4.3.x, 10.5.0.x, 10.5.1.x & 10.5.2.x, contain an uncontrolled resource consumption flaw in its API service. A high-privileged API user may potentially exploit this vulnerability, leading to a denial of service.
CVSS Score
4.9
EPSS Score
0.003
Published
2021-11-20
CVE-2021-36319
Dell Networking OS10 versions 10.4.3.x, 10.5.0.x and 10.5.1.x contain an information exposure vulnerability. A low privileged authenticated malicious user can gain access to SNMP authentication failure messages.
CVSS Score
3.3
EPSS Score
0.001
Published
2021-11-20
CVE-2018-15778
Dell OS10 versions prior to 10.4.2.1 contain a vulnerability caused by lack of proper input validation on the command-line interface (CLI).
CVSS Score
8.8
EPSS Score
0.0
Published
2019-02-04
CVE-2018-15784
Dell Networking OS10 versions prior to 10.4.3.0 contain a vulnerability in the Phone Home feature which does not properly validate the server's certificate authority during TLS handshake. Use of an invalid or malicious certificate could potentially allow an attacker to spoof a trusted entity by using a man-in-the-middle (MITM) attack.
CVSS Score
7.4
EPSS Score
0.001
Published
2019-01-18


Products
Pricing
Contact Us

Shodan ® - All rights reserved