Dell Enterprise SONiC OS SSH Cryptographic Key Vulnerability Allowing Unauthorized Access

Vulnerability

A cryptographic key vulnerability in SSH has been identified in Dell Enterprise SONiC OS version 4.5.0. An unauthenticated remote attacker could potentially exploit it to gain unauthorized access to communications.

Impact

Exploitation of this vulnerability could result in unauthorized access to communications by an unauthenticated remote attacker.

Remediation

Users can upgrade to Dell Enterprise SONiC OS version 4.5.0a for full remediation. Alternatively, users who wish to remain on version 4.5.0 can run specific CLI commands to regenerate new key pairs for the SSH server.

Added: Aug 4, 2025, 7:27 PM
Updated: Aug 4, 2025, 7:27 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 7.4
remediation: 0.0
relevance: 0.3
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.