CVE-2024-37125

Dell SmartFabric OS10 Software, versions 10.5.6.x, 10.5.5.x, 10.5.4.x,10.5.3.x, contains an Uncontrolled Resource Consumption vulnerability. A remote unauthenticated host could potentially exploit this vulnerability leading to a denial of service.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.dell.com/support/kbdoc/en-us/000228976/dsa-2024-274-security-update-for-dell-networking-os10-vulnerabilities	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:dell:smartfabric_os10::::::::
	cpe:2.3:o:dell:smartfabric_os10::::::::
	cpe:2.3:o:dell:smartfabric_os10::::::::
	cpe:2.3:o:dell:smartfabric_os10::::::::

History

25 Nov 2024, 18:30

Type	Values Removed	Values Added
References	~~() https://www.dell.com/support/kbdoc/en-us/000228976/dsa-2024-274-security-update-for-dell-networking-os10-vulnerabilities -~~	() https://www.dell.com/support/kbdoc/en-us/000228976/dsa-2024-274-security-update-for-dell-networking-os10-vulnerabilities - Vendor Advisory
CPE		cpe:2.3:o:dell:smartfabric_os10::::::::
First Time		Dell smartfabric Os10 Dell
CWE		NVD-CWE-noinfo

30 Sep 2024, 12:46

Type	Values Removed	Values Added
Summary		(es) El software Dell SmartFabric OS10, versiones 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contiene una vulnerabilidad de consumo de recursos no controlado. Un host remoto no autenticado podría explotar esta vulnerabilidad y provocar una denegación de servicio.

26 Sep 2024, 17:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-09-26 17:15

Updated : 2024-11-25 18:30

NVD link : CVE-2024-37125

Mitre link : CVE-2024-37125

CVE.ORG link : CVE-2024-37125

JSON object : View

Products Affected

dell

smartfabric_os10

CWE

CWE-400

Uncontrolled Resource Consumption

NVD-CWE-noinfo

{"id": "CVE-2024-37125", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security_alert@emc.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2024-09-26T17:15:03.400", "references": [{"url": "https://www.dell.com/support/kbdoc/en-us/000228976/dsa-2024-274-security-update-for-dell-networking-os10-vulnerabilities", "tags": ["Vendor Advisory"], "source": "security_alert@emc.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security_alert@emc.com", "description": [{"lang": "en", "value": "CWE-400"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Dell SmartFabric OS10 Software, versions 10.5.6.x, 10.5.5.x, 10.5.4.x,10.5.3.x, contains an Uncontrolled Resource Consumption vulnerability. A remote unauthenticated host could potentially exploit this vulnerability leading to a denial of service."}, {"lang": "es", "value": "El software Dell SmartFabric OS10, versiones 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contiene una vulnerabilidad de consumo de recursos no controlado. Un host remoto no autenticado podr\u00eda explotar esta vulnerabilidad y provocar una denegaci\u00f3n de servicio."}], "lastModified": "2024-11-25T18:30:46.117", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:smartfabric_os10:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0FD48013-CCE5-4E3C-ADA5-D00A72C2E599", "versionEndExcluding": "10.5.3.11", "versionStartIncluding": "10.5.3.0"}, {"criteria": "cpe:2.3:o:dell:smartfabric_os10:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6885B762-E718-4691-8E09-2A7FC2B6B454", "versionEndExcluding": "10.5.4.12", "versionStartIncluding": "10.5.4.0"}, {"criteria": "cpe:2.3:o:dell:smartfabric_os10:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "47A5BFE6-63B4-441B-95AD-D53CEAD638C1", "versionEndExcluding": "10.5.5.11", "versionStartIncluding": "10.5.5.0"}, {"criteria": "cpe:2.3:o:dell:smartfabric_os10:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7863BC08-9CB1-4269-A490-717834BD3B40", "versionEndExcluding": "10.5.6.4", "versionStartIncluding": "10.5.6.0"}], "operator": "OR"}]}], "sourceIdentifier": "security_alert@emc.com"}