Vulnerabilities > Dell > Enterprise Sonic Distribution

DATE CVE VULNERABILITY TITLE RISK
2025-01-30 CVE-2025-23374 Information Exposure Through Log Files vulnerability in Dell Enterprise Sonic Distribution
Dell Networking Switches running Enterprise SONiC OS, version(s) prior to 4.4.1 and 4.2.3, contain(s) an Insertion of Sensitive Information into Log File vulnerability.
network
low complexity
dell CWE-532
4.9
4.9
2024-11-08 CVE-2024-45763 OS Command Injection vulnerability in Dell Enterprise Sonic Distribution
Dell Enterprise SONiC OS, version(s) 4.1.x, 4.2.x, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability.
network
low complexity
dell CWE-78
7.2
7.2
2024-11-08 CVE-2024-45764 Unspecified vulnerability in Dell Enterprise Sonic Distribution
Dell Enterprise SONiC OS, version(s) 4.1.x, 4.2.x, contain(s) a Missing Critical Step in Authentication vulnerability.
network
low complexity
dell
critical
 9.8
9.8
2024-11-08 CVE-2024-45765 OS Command Injection vulnerability in Dell Enterprise Sonic Distribution
Dell Enterprise SONiC OS, version(s) 4.1.x, 4.2.x, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability.
network
low complexity
dell CWE-78
7.2
7.2
2024-02-15 CVE-2023-32484 Unspecified vulnerability in Dell Enterprise Sonic Distribution
Dell Networking Switches running Enterprise SONiC versions 4.1.0, 4.0.5, 3.5.4 and below contains an improper input validation vulnerability.
network
low complexity
dell
critical
 9.8
9.8
2023-02-02 CVE-2023-24574 Resource Exhaustion vulnerability in Dell Enterprise Sonic Distribution
Dell Enterprise SONiC OS, 3.5.3, 4.0.0, 4.0.1, 4.0.2, contains an "Uncontrolled Resource Consumption vulnerability" in authentication component.
network
low complexity
dell CWE-400
7.5
7.5
2022-10-10 CVE-2022-34425 Use of Hard-coded Credentials vulnerability in Dell Enterprise Sonic Distribution 4.0.0/4.0.1
Dell Enterprise SONiC OS, 4.0.0, 4.0.1, contain a cryptographic key vulnerability in SSH.
network
low complexity
dell CWE-798
7.5
7.5