ZeroMQ Vulnerability in Dell OS10 Networking Switches with VLT Configuration

ZeroMQ Vulnerability in Dell OS10 Networking Switches with VLT Configuration

CVE-2023-28078 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Dell OS10 Networking Switches running 10.5.2.x and above contain a vulnerability with zeroMQ when VLT is configured. A remote unauthenticated attacker could potentially exploit this vulnerability leading to information disclosure and a possible Denial of Service when a huge number of requests are sent to the switch. This is a high severity vulnerability as it allows an attacker to view sensitive data. Dell recommends customers to upgrade at the earliest opportunity.

Learn more about our Network Penetration Testing.