CVE-2024-39585

Name of the Vulnerable Software and Affected Versions Dell SmartFabric OS10 Software versions 10.5.5.4 through 10.5.5.10 and 10.5.6.x

Description The issue involves the use of a hard-coded password in Dell SmartFabric OS10 Software. A low-privileged attacker with remote access could potentially exploit this, leading to client-side request forgery and information disclosure.

Recommendations For versions 10.5.5.4 through 10.5.5.10, consider disabling any features that rely on the hard-coded password until a patch is available. For version 10.5.6.x, restrict access to any modules or functions that utilize the hard-coded password to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.