CVE-2023-32485
CRITICALDell SmartFabric Storage Software < 1.4.0 - Unauthenticated Privilege Escalation
Title source: llmDescription
Dell SmartFabric Storage Software version 1.3 and lower contain an improper input validation vulnerability. A remote unauthenticated attacker may exploit this vulnerability and escalate privileges up to the highest administration level. This is a critical severity vulnerability affecting user authentication. Dell recommends customers to upgrade at the earliest opportunity.
References (1)
Core 1
Core References
Patch, Vendor Advisory vendor-advisory
https://www.dell.com/support/kbdoc/en-us/000216587/dsa-2023-283-security-update-for-dell-smartfabric-storage-software-vulnerabilities
Scores
CVSS v3
9.8
EPSS
0.0025
EPSS Percentile
48.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
total
Details
CWE
CWE-20
Status
published
Products (1)
dell/smartfabric_storage_software
< 1.4.0
Published
Oct 05, 2023
Tracked Since
Feb 18, 2026