CVE-2023-28078

Name of the Vulnerable Software and Affected Versions Dell OS10 Networking Switches versions 10.5.2.x and above

Description A remote unauthenticated attacker could potentially exploit a vulnerability with zeroMQ when VLT is configured, leading to information disclosure and a possible Denial of Service when a huge number of requests are sent to the switch. This is a high severity vulnerability as it allows an attacker to view sensitive data.

Recommendations For Dell OS10 Networking Switches versions 10.5.2.x and above, upgrade to a newer version at the earliest opportunity to resolve the issue. As a temporary workaround, consider restricting access to the zeroMQ component when VLT is configured until a patch is available.