CVE-2024-49560

Name of the Vulnerable Software and Affected Versions: Dell SmartFabric OS10 Software versions 10.5.3.x through 10.5.6.x

Description: The issue is related to a command injection vulnerability. A low-privileged attacker with local access could potentially exploit this vulnerability, leading to command execution. The vulnerability is associated with the failure to sanitize input data at the management level, which could allow an attacker to execute arbitrary commands.

Recommendations: For versions 10.5.3.x through 10.5.6.x, consider disabling any functionality that allows command execution until a patch is available. Restrict local access to the system to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.