Shodan
Vulnerabilities
Vulnerable Software
Dell:  >> Smartfabric Storage Software  >> 1.4.0  Security Vulnerabilities
CVE-2023-4401
Dell SmartFabric Storage Software v1.4 (and earlier) contains an OS Command Injection Vulnerability in the CLI use of the ‘more’ command. A local or remote authenticated attacker could potentially exploit this vulnerability, leading to the ability to gain root-level access.
CVSS Score
7.8
EPSS Score
0.004
Published
2023-10-05
CVE-2023-43068
Dell SmartFabric Storage Software v1.4 (and earlier) contains an OS Command Injection Vulnerability in the restricted shell in SSH. An authenticated remote attacker could potentially exploit this vulnerability, leading to execute arbitrary commands.
CVSS Score
7.8
EPSS Score
0.003
Published
2023-10-05
CVE-2023-43069
Dell SmartFabric Storage Software v1.4 (and earlier) contain(s) an OS Command Injection Vulnerability in the CLI. An authenticated local attacker could potentially exploit this vulnerability, leading to possible injection of parameters to curl or docker.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-10-05
CVE-2023-43070
Dell SmartFabric Storage Software v1.4 (and earlier) contains a Path Traversal Vulnerability in the HTTP interface. A remote authenticated attacker could potentially exploit this vulnerability, leading to modify or write arbitrary files to arbitrary locations in the license container.
CVSS Score
6.3
EPSS Score
0.001
Published
2023-10-05
CVE-2023-43071
Dell SmartFabric Storage Software v1.4 (and earlier) contains possible vulnerabilities for HTML injection or CVS formula injection which might escalate to cross-site scripting attacks in HTML pages in the GUI. A remote authenticated attacker could potentially exploit these issues, leading to various injection type attacks.
CVSS Score
4.4
EPSS Score
0.001
Published
2023-10-05
CVE-2023-43072
Dell SmartFabric Storage Software v1.4 (and earlier) contains an improper access control vulnerability in the CLI. A local possibly unauthenticated attacker could potentially exploit this vulnerability, leading to ability to execute arbritrary shell commands.
CVSS Score
4.4
EPSS Score
0.0
Published
2023-10-05
CVE-2023-43073
Dell SmartFabric Storage Software v1.4 (and earlier) contains an Improper Input Validation vulnerability in RADIUS configuration. An authenticated remote attacker could potentially exploit this vulnerability, leading to gaining unauthorized access to data.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-10-05


Products
Pricing
Contact Us

Shodan ® - All rights reserved