Networking Os10
CVE-2021-36310
MEDIUM
Severity by source
AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionNVD
Dell Networking OS10, versions 10.4.3.x, 10.5.0.x, 10.5.1.x & 10.5.2.x, contain an uncontrolled resource consumption flaw in its API service. A high-privileged API user may potentially exploit this vulnerability, leading to a denial of service.
AnalysisAI
Dell Networking OS10, versions 10.4.3.x, 10.5.0.x, 10.5.1.x & 10.5.2.x, contain an uncontrolled resource consumption flaw in its API service. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.
Technical ContextAI
This vulnerability is classified under CWE-693. Dell Networking OS10, versions 10.4.3.x, 10.5.0.x, 10.5.1.x & 10.5.2.x, contain an uncontrolled resource consumption flaw in its API service. A high-privileged API user may potentially exploit this vulnerability, leading to a denial of service. Affected products include: Dell Networking Os10.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Networking Os10
View allNetworking OS10, versions prior to October 2021 with Smart Fabric Services enabled, contains an authentication bypass vu
Networking OS10, versions prior to October 2021 with RESTCONF API enabled, contains an authentication bypass vulnerabili
Dell OS10 Networking Switches, versions10.5.6.x, 10.5.5.x, 10.5.4.x and 10.5.3.x ,contain an improper authorization vuln
Networking OS10, versions prior to October 2021 with RESTCONF API enabled, contains a privilege escalation vulnerability
Dell OS10 Networking Switches running 10.5.2.x and above contain an Uncontrolled Resource Consumption (Denial of Service
Dell Networking OS10 versions 10.4.3.x, 10.5.0.x and 10.5.1.x contain an information exposure vulnerability. Rated low s
Same weakness CWE-693 – Protection Mechanism Failure
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today