Company wants customers to upgrade to patched version at “earliest opportunity”.
Dell has released a security update to address a critical flaw in its SmartFabric Storage Software (SFSS).
The vulnerability assigned as CVE-2023-32485 has a severity score of 9.8 on the CVSS scale. It affects version 1.3 and lower of the technology and allows an unauthenticated, remote attacker to escalate privileges to that of a system administrator.
Dell has described the vulnerability as resulting from improper input validation. “This is a critical severity vulnerability affecting user authentication,” the company disclosed. “Dell recommends customers to upgrade at the earliest opportunity.”
.Organizations use Dell SmartFabric Storage Software to automate storage services on existing 25GbE and 100GbE IP fabrics. The technology enables automated discovery, endpoint management and zoning services for data storage. SFSS is central to Dell’s strategy for enabling software-defined networking for storage connectivity.