Networking OS10, versions prior to October 2021 with RESTCONF API enabled, contains a privilege escalation vulnerability. A malicious low privileged user with specific access to the API could potentially exploit this vulnerability to gain admin privileges on the affected system.
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Networking_os10 | Dell | * | 10.4.3.8 (excluding) |
Networking_os10 | Dell | 10.5.0.0 (including) | 10.5.0.10 (excluding) |
Networking_os10 | Dell | 10.5.1.0 (including) | 10.5.1.10 (excluding) |
Networking_os10 | Dell | 10.5.2.0 (including) | 10.5.2.8 (excluding) |