How severe is CVE-2023-28078?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.1 out of 10.

What type of vulnerability is CVE-2023-28078?

This is classified as CWE-923, which is a common weakness in software security.

CVE-2023-28078 - CRITICAL Severity | CVSS 9.1

Vulnerability Description

Dell OS10 Networking Switches running 10.5.2.x and above contain a vulnerability with zeroMQ when VLT is configured. A remote unauthenticated attacker could potentially exploit this vulnerability leading to information disclosure and a possible Denial of Service when a huge number of requests are sent to the switch. This is a high severity vulnerability as it allows an attacker to view sensitive data. Dell recommends customers to upgrade at the earliest opportunity.

Related Vulnerabilities

CVE-2024-41889

HIGH

CVSS:8.8(High)

Multiple Pimax products accept WebSocket connections from unintended endpoints. If this vulnerability is exploited, arbitrary code may be executed by a remote unauthenticated attacker.

CWE-9232024

CVE-2019-17440

CRITICAL

CVSS:9.8(Critical)

Improper restriction of communications to Log Forwarding Card (LFC) on PA-7000 Series devices with second-generation Switch Management Card (SMC) may allow an attacker with network access to the LFC t...

CWE-9232019

CVE-2025-29986

HIGH

CVSS:8.3(High)

Dell Common Event Enabler, version(s) CEE 9.0.0.0, contain(s) an Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the Common Anti-Virus Agent (CAVA). An unauthentic...

CWE-9232025

CVE-2024-47490

HIGH

CVSS:8.2(High)

An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved on ACX 7000 Series allows an unauthentic...

CWE-9232024

CVE-2018-10596

HIGH

CVSS:8.0(High)

Medtronic 2090 CareLink Programmer uses a virtual private network connection to securely download updates. It does not verify it is still connected to this virtual private network before downloading u...

CWE-9232018

CVE-2024-26131

HIGH

CVSS:7.8(High)

Element Android is an Android Matrix Client. Element Android version 1.4.3 through 1.6.10 is vulnerable to intent redirection, allowing a third-party malicious application to start any internal activi...

CWE-9232024