Critical Security Vulnerabilities Found in Dell SmartFabric Storage Software

Oct 9, 2023

SmartFabric Storage Software is a software used to manage Dell's data storage systems. However, critical security vulnerabilities recently discovered in the software have drawn attention from users.

These vulnerabilities include an OS command injection vulnerability that allows attackers to run commands on the system and elevate privileges, an improper input validation vulnerability in RADIUS configuration, an HTML and CVS formula injection vulnerability, and a path traversal vulnerability in the HTTP interface.

Dell has released patches to address these vulnerabilities. However, it is important for users to apply these patches as soon as possible to secure their applications and systems.

Here is more information about the critical security vulnerabilities found in Dell SmartFabric Storage Software:

CVE-2023-4401: OS command injection vulnerability in the CLI of Dell SmartFabric Storage Software v1.4
CVE-2023-43073: Improper input validation vulnerability in RADIUS configuration of Dell SmartFabric Storage Software v1.4
CVE-2023-43071: Possible vulnerabilities for HTML injection or CVS formula injection in Dell SmartFabric Storage Software v1.4
CVE-2023-32485: Improper input validation vulnerability in Dell SmartFabric Storage Software v1.3 and earlier
CVE-2023-43069: OS command injection vulnerability in the CLI of Dell SmartFabric Storage Software v1.4
CVE-2023-43070: Path traversal vulnerability in the HTTP interface of Dell SmartFabric Storage Software v1.4
CVE-2023-43068: OS command injection vulnerability in the restricted shell in SSH of Dell SmartFabric Storage Software v1.4

An attacker who exploits any of these security vulnerabilities could gain full control of the system and steal data or disable systems. Therefore, it is important for users to apply these patches as soon as possible to secure their applications and systems.

Organizations that use Dell SmartFabric Storage Software are advised to take the following steps:

Apply Dell's patches as soon as possible.
Keep your systems up to date regularly.
Protect your systems with firewalls and other security solutions.
Restrict access to your systems and only allow authorized users to access them.
Back up your systems regularly.

By taking these steps, you can reduce the risk of exposure to the critical security vulnerabilities in Dell SmartFabric Storage Software.

Trending

The Silent Threat in Systems: Two New Vulnerabilities in Tenable Network Monitor

Server-Side Request Forgery (SSRF) Vulnerability in SmartRobot by INTUMIT

Prisma Access Browser Security Update: Take Action to Address Critical Vulnerabilities

Remote Code Execution in EV Charging Stations

🚨 Security Alarm on Apple Devices 🚨

High-Severity Referrer-Policy Vulnerability in Google Chrome

$20 Million Ransom Demand Hits Coinbase

Critical Security Vulnerabilities Found in Dell SmartFabric Storage Software

Critical Security Vulnerabilities Found in Dell SmartFabric Storage Software

CVE - Released 05 October 2023 (NVD/NIST/MITRE...etc)

DELL Support CVE

Post a Comment

İletişim Formu