CVE-2023-43069 HIGH

CVE-2023-43069

Vendor Dell

Product Dell SmartFabric Storage Software

Weakness CWE-78

Published October 5, 2023

Last update September 19, 2024

View on NVD All CVEs

CVSS base score

7.8/10

Attack vector Local

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Dell SmartFabric Storage Software v1.4 (and earlier) contain(s) an OS Command Injection Vulnerability in the CLI. An authenticated local attacker could potentially exploit this vulnerability, leading to possible injection of parameters to curl or docker.

Key dates

02Disclosure timeline

October 5, 2023 CVE published

September 19, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-43069 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/78.html

Related vulnerabilities

04Related CVE

CVE-2026-32191 Microsoft Bing Images Remote Code Execution Vulnerability CVE-2020-2010 PAN-OS: Authenticated user command injection vulnerability CVE-2024-9441 Linear eMerge e3-Series Forgot Password Command Injection CVE-2026-4499 D-Link DIR-820LW SSDP ssdpcgi_main os command injection CVE-2026-4627 D-Link DIR-825/DIR-825R NTP Service libdeuteron_modules.so handler_update_system_time os command injection