CVE-2021-36309

CVSS 7.1 HIGHEPSS 0.6%CWE-256

Dell Enterprise SONiC OS, versions 3.3.0 and earlier, contains a sensitive information disclosure vulnerability. An authenticated malicious user with access to the system may use the TACACS\Radius credentials stored to read sensitive information and use it in further attacks.

CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Produtos afetados

Dell · Enterprise SONiC OS

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://www.dell.com/support/kbdoc/en-us/000191690/DSA-2021-190-Dell-Enterprise-SONiC-OS-Security-Update-for-an-information-disclosure-Vulnerability