Dell Enterprise Sonic Distribution
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Dell Enterprise Sonic Distribution.
By the Year
In 2026 there have been 0 vulnerabilities in Dell Enterprise Sonic Distribution. Last year, in 2025 Enterprise Sonic Distribution had 1 security vulnerability published. Right now, Enterprise Sonic Distribution is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 1 | 4.90 |
| 2024 | 4 | 8.50 |
| 2023 | 1 | 7.50 |
| 2022 | 1 | 7.50 |
It may take a day or so for new Enterprise Sonic Distribution vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Dell Enterprise Sonic Distribution Security Vulnerabilities
Log Leakage on Dell Switches Enterprise SONiC OS v<=4.4.1/4.2.3
CVE-2025-23374
4.9 - Medium
- January 30, 2025
Dell Networking Switches running Enterprise SONiC OS, version(s) prior to 4.4.1 and 4.2.3, contain(s) an Insertion of Sensitive Information into Log File vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.
Insertion of Sensitive Information into Log File
Dell SONiC OS 4.x Command Injection Flaw - November 2024
CVE-2024-45763
7.2 - High
- November 08, 2024
Dell Enterprise SONiC OS, version(s) 4.1.x, 4.2.x, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution. This is a critical severity vulnerability so Dell recommends customers to upgrade at the earliest opportunity.
Shell injection
Dell SONiC OS 4.x Command Injection Flaw - November 2024
CVE-2024-45765
7.2 - High
- November 08, 2024
Dell Enterprise SONiC OS, version(s) 4.1.x, 4.2.x, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution. This is a critical severity vulnerability as it allows high privilege OS commands to be executed with a less privileged role; so Dell recommends customers to upgrade at the earliest opportunity.
Shell injection
Dell SONiC OS 4.x Auth Bypass Flaw - November 2024
CVE-2024-45764
9.8 - Critical
- November 08, 2024
Dell Enterprise SONiC OS, version(s) 4.1.x, 4.2.x, contain(s) a Missing Critical Step in Authentication vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Protection mechanism bypass. This is a critical severity vulnerability so Dell recommends customers to upgrade at the earliest opportunity.
Missing Critical Step in Authentication
Dell Enterprise SONiC 3.5.4 and below Remote Input Validation Escalation
CVE-2023-32484
9.8 - Critical
- February 15, 2024
Dell Networking Switches running Enterprise SONiC versions 4.1.0, 4.0.5, 3.5.4 and below contains an improper input validation vulnerability. A remote unauthenticated malicious user may exploit this vulnerability and escalate privileges up to the highest administrative level. This is a Critical vulnerability affecting certain protocols, Dell recommends customers to upgrade at the earliest opportunity.
Improper Input Validation
Uncontrolled Resource Consumption in Dell SONiC OS 3.5.3/4.0.x Auth Comp
CVE-2023-24574
7.5 - High
- February 02, 2023
Dell Enterprise SONiC OS, 3.5.3, 4.0.0, 4.0.1, 4.0.2, contains an "Uncontrolled Resource Consumption vulnerability" in authentication component. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to uncontrolled resource consumption by creating permanent home directories for unauthenticated users.
Resource Exhaustion
Dell SONiC 4.0.0/1 SSH Key Vulnerability
CVE-2022-34425
7.5 - High
- October 10, 2022
Dell Enterprise SONiC OS, 4.0.0, 4.0.1, contain a cryptographic key vulnerability in SSH. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to unauthorized access to communication.
Use of Hard-coded Credentials
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Dell Enterprise Sonic Distribution or by Dell? Click the Watch button to subscribe.
