cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-23374,https://securityvulnerability.io/vulnerability/CVE-2025-23374,Information Exposure Vulnerability in Dell Networking Switches Running Enterprise SONiC OS,Dell Networking Switches running earlier versions of Enterprise SONiC OS are affected by a vulnerability that allows privileged attackers to exploit remote access and potentially gain sensitive information logged by the system. This issue highlights the importance of timely updates and robust security measures to protect network infrastructure.,Dell,Enterprise Sonic Os,8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-30T04:14:04.226Z,0
CVE-2024-45763,https://securityvulnerability.io/vulnerability/CVE-2024-45763,Dell Enterprise SONiC OS Vulnerable to OS Command Injection,"The identified vulnerability in Dell Enterprise SONiC OS allows for improper neutralization of special elements used in OS commands, leading to OS command injection. A high privileged attacker with remote access could exploit this weakness, potentially resulting in unauthorized command execution on affected systems. This vulnerability underscores the necessity for users to upgrade their installations promptly to safeguard against potential exploitation.",Dell,Enterprise Sonic Os,7.2,HIGH,0.0005200000014156103,false,,false,false,false,,,false,false,,2024-11-08T16:15:34.861Z,0
CVE-2024-45764,https://securityvulnerability.io/vulnerability/CVE-2024-45764,Authentication Bypass Vulnerability in Dell Enterprise SONiC OS,"An authentication bypass vulnerability exists in Dell Enterprise SONiC OS versions 4.1.x and 4.2.x that allows unauthenticated attackers to gain remote access to the system. This flaw is characterized by a missing critical step in the authentication mechanism, potentially enabling attackers to bypass security protections. Dell has urged users to promptly upgrade their systems to secure against potential exploitation of this vulnerability.",Dell,Enterprise Sonic Os,9.8,CRITICAL,0.000910000002477318,false,,false,false,false,,,false,false,,2024-11-08T16:08:01.769Z,0
CVE-2024-45765,https://securityvulnerability.io/vulnerability/CVE-2024-45765,Dell Enterprise SONiC OS Vulnerability Could Lead to Command Execution,"An OS command injection vulnerability exists in Dell Enterprise SONiC OS versions 4.1.x and 4.2.x. This flaw arises from improper neutralization of special elements used in OS commands, allowing an attacker with high privileges and remote access to execute arbitrary OS commands. Such exploitation could enable the execution of sensitive commands that compromise system integrity, making prompt updates essential for users of these software versions. Dell strongly advises affected customers to upgrade to the latest versions to address this vulnerability.",Dell,Enterprise Sonic Os,7.2,HIGH,0.0005200000014156103,false,,false,false,false,,,false,false,,2024-11-08T15:59:33.760Z,0
CVE-2023-32484,https://securityvulnerability.io/vulnerability/CVE-2023-32484,Improper Input Validation in Dell Networking Switches,"Dell Networking Switches equipped with Enterprise SONiC versions 4.1.0, 4.0.5, 3.5.4, and earlier are susceptible to a serious input validation flaw. This vulnerability can potentially be exploited by an unauthenticated remote attacker to escalate privileges, gaining access to the device at the highest administrative level. The flaw may affect the integrity and security of network operations. As a precautionary measure, Dell strongly encourages users to update their systems to mitigate this risk promptly.",Dell,Enterprise Sonic Os,9.8,CRITICAL,0.001069999998435378,false,,false,false,false,,,false,false,,2024-02-15T12:49:01.000Z,0
CVE-2023-24574,https://securityvulnerability.io/vulnerability/CVE-2023-24574,Uncontrolled Resource Consumption in Dell Enterprise SONiC OS,"Dell Enterprise SONiC OS versions 3.5.3, 4.0.0, 4.0.1, and 4.0.2 contain a vulnerability in the authentication component that allows unauthenticated remote attackers to exploit the system. By creating permanent home directories for unauthenticated users, attackers can lead to excessive resource consumption, potentially affecting system performance and stability. Users are advised to implement the latest security updates to mitigate these risks.",Dell,Enterprise SONiC OS,7.5,HIGH,0.001550000044517219,false,,false,false,false,,,false,false,,2023-02-02T21:22:00.000Z,0
CVE-2022-34425,https://securityvulnerability.io/vulnerability/CVE-2022-34425,Cryptographic Key Vulnerability in Dell Enterprise SONiC OS,"Dell Enterprise SONiC OS versions 4.0.0 and 4.0.1 have a cryptographic key vulnerability associated with the SSH service. This flaw allows unauthenticated remote attackers to exploit the weakness, resulting in unauthorized access to sensitive communications. It is important for users to apply the necessary security updates to mitigate the risk of exploitation.",Dell,Enterprise Sonic Os,7.5,HIGH,0.0030400000978261232,false,,false,false,false,,,false,false,,2022-10-10T21:15:00.000Z,0
CVE-2021-36309,https://securityvulnerability.io/vulnerability/CVE-2021-36309,Sensitive Information Disclosure in Dell Enterprise SONiC OS,"Dell Enterprise SONiC OS, up to version 3.3.0, is affected by a vulnerability that allows an authenticated attacker to access sensitive information. The vulnerability arises from stored TACACS/RADIUS credentials, enabling potential misuse of these credentials to conduct further attacks on the system. Organizations utilizing Dell Enterprise SONiC should ensure they are using an updated version to mitigate this risk.",Dell,Enterprise Sonic Os,7.1,HIGH,0.0006500000017695129,false,,false,false,false,,,false,false,,2021-10-01T21:15:00.000Z,0