CVE-2023-39248

Name of the Vulnerable Software and Affected Versions Dell OS10 Networking Switches versions 10.5.2.x and above

Description The issue is related to an Uncontrolled Resource Consumption (Denial of Service) vulnerability. When switches are configured with VLT and VRRP, a remote unauthenticated user can cause the network to be flooded, leading to Denial of Service for actual network users. This allows an attacker to cause an outage of the network.

Recommendations For versions 10.5.2.x and above, upgrade to a newer version at the earliest opportunity to resolve the issue. As a temporary workaround, consider restricting the use of VLT and VRRP configurations to minimize the risk of exploitation.