Global infos:

Dell OS10, version 10.5.3.4, contains an Improper Certificate Validation vulnerability in Support Assist. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to unauthorized access to limited switch configuration data. The vulnerability could be leveraged by attackers to conduct man-in-the-middle attacks to gain access to the Support Assist information.

CVE Status: Modified

References:

[email protected]

af854a3a-2127-422b-91ae-364da2661108

Metrics:

Attribute	Value
Attack Complexity	HIGH
Attack Vector	NETWORK
Availability Impact	NONE
Base Score	3.7
Base Severity	LOW
Confidentiality Impact	LOW
Integrity Impact	NONE
Privileges Required	NONE
Scope	UNCHANGED
User Interaction	NONE
Vector String	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Exploitability Score	2.2
Impact Score	1.4
Source	[email protected]
Type	Secondary

Links:

Exploit-db
Github