CVE-2024-39585

HIGH

Dell Smartfabric Os10 < 10.5.5.10 - Information Disclosure

Title source: rule

Description

Dell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10 and 10.5.6.x, contain(s) an Use of Hard-coded Password vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Client-side request forgery and Information disclosure.

References (1)

[Various Sources] https://www.dell.com/support/kbdoc/en-us/000228355/dsa-2024-376-security-update-for-dell-networking-os10-vulnerability

Scores

CVSS v3 7.9

EPSS 0.0010

EPSS Percentile 27.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-259 CWE-798

Status published

Products (1)

dell/smartfabric_os10 10.5.5.4 - 10.5.5.10

Published Sep 06, 2024

Tracked Since Feb 18, 2026