{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T15:47:05.360","vulnerabilities":[{"cve":{"id":"CVE-2024-45764","sourceIdentifier":"security_alert@emc.com","published":"2024-11-08T16:15:23.070","lastModified":"2024-11-13T19:08:29.580","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Dell Enterprise SONiC OS, version(s) 4.1.x, 4.2.x, contain(s) a Missing Critical Step in Authentication vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Protection mechanism bypass. This is a critical severity vulnerability so Dell recommends customers to upgrade at the earliest opportunity."},{"lang":"es","value":"Dell Enterprise SONiC OS, versiones 4.1.x y 4.2.x, contiene una vulnerabilidad de falta de paso crítico en la autenticación. Un atacante no autenticado con acceso remoto podría aprovechar esta vulnerabilidad, lo que provocaría la omisión del mecanismo de protección. Se trata de una vulnerabilidad de gravedad crítica, por lo que Dell recomienda a los clientes que actualicen la versión lo antes posible."}],"metrics":{"cvssMetricV31":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":9.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Secondary","description":[{"lang":"en","value":"CWE-304"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dell:enterprise_sonic_distribution:*:*:*:*:*:*:*:*","versionStartIncluding":"4.1.0","versionEndExcluding":"4.1.6","matchCriteriaId":"B562D424-8BFD-4EB8-B420-BBB9A9487BFD"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:enterprise_sonic_distribution:*:*:*:*:*:*:*:*","versionStartIncluding":"4.2.0","versionEndExcluding":"4.2.2","matchCriteriaId":"062610CC-696D-4014-AB7A-BA99EA7E0A24"}]}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000245655/dsa-2024-449-security-update-for-dell-enterprise-sonic-distribution-vulnerabilities","source":"security_alert@emc.com","tags":["Vendor Advisory"]}]}}]}