Dell OS10, version 10.5.3.4, contains an Improper Certificate Validation vulnerability in Support Assist. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to unauthorized access to limited switch configuration data. The vulnerability could be leveraged by attackers to conduct man-in-the-middle attacks to gain access to the Support Assist information.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Tue, 20 May 2025 21:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: dell

Published:

Updated: 2025-05-20T20:30:24.017Z

Reserved: 2022-06-23T00:00:00.000Z

Link: CVE-2022-34394

cve-icon Vulnrichment

Updated: 2024-08-03T09:07:16.281Z

cve-icon NVD

Status : Modified

Published: 2022-09-28T21:15:12.897

Modified: 2024-11-21T07:09:25.707

Link: CVE-2022-34394

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.