PT-2024-31757 · Dell · Dell Enterprise Sonic Os
Published
2024-11-08
·
Updated
2024-11-13
·
CVE-2024-45764
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
Dell Enterprise SONiC OS versions 4.1.x through 4.2.x
Description:
The issue is related to a Missing Critical Step in Authentication, allowing an unauthenticated attacker with remote access to potentially bypass protection mechanisms. This is a critical severity issue, and Dell recommends upgrading at the earliest opportunity. An unauthenticated attacker could exploit this, leading to protection mechanism bypass.
Recommendations:
For Dell Enterprise SONiC OS versions 4.1.x through 4.2.x, upgrade to a newer version as soon as possible to address the Missing Critical Step in Authentication vulnerability.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dell Enterprise Sonic Os