Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
DSA-2019-001: Dell Networking OS10 Improper Certificate Validation Vulnerability
Vulnerability Description
Dell Networking OS10 versions prior to 10.4.3.0 contain a vulnerability in the Phone Home feature which does not properly validate the server's certificate authority during TLS handshake. Use of an invalid or malicious certificate could potentially allow an attacker to spoof a trusted entity by using a man-in-the-middle (MITM) attack.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Dell Networking OS10 信任管理问题漏洞
Vulnerability Description
Dell Networking OS10是美国戴尔(Dell)公司开发的一套基于Linux的网络交换机操作系统。 Dell Networking OS10 10.4.3.0之前版本中的Phone Home功能存在安全漏洞,该漏洞源于在TLS握手过程中,程序错误地验证了服务器证书。攻击者可借助无效或恶意的证书通过实施中间人攻击利用该漏洞冒充可信的实体。
CVSS Information
N/A
Vulnerability Type
N/A