← back
CVE-2023-43068

CVE-2023-43068

CVSS 7.8 HIGHEPSS 0.8%CWE-78
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.8EPSS 0.8%KEV nãoPoC Nuclei Metasploit Patch referenciado
Lifecycle
05 Oct 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Dell SmartFabric Storage Software v1.4 (and earlier) contains an OS Command Injection Vulnerability in the restricted shell in SSH. An authenticated remote attacker could potentially exploit this vulnerability, leading to execute arbitrary commands.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
Dell · Dell SmartFabric Storage Software

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.dell.com/support/kbdoc/en-us/000218107/dsa-2023-347-dell-smartfabric-storage-software-security-update-for-multiple-vulnerabilities