Home

Description

Dell Enterprise SONiC OS, version 4.5.0, contains a cryptographic key vulnerability in SSH. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to unauthorized access to communication.

PUBLISHED Reserved 2025-04-16 | Published 2025-08-04 | Updated 2025-08-05 | Assigner dell




HIGH: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Problem types

CWE-321: Use of Hard-coded Cryptographic Key

Product status

Default status
unaffected

4.5.0 (semver) before 4.5.0a
affected

References

www.dell.com/...nterprise-sonic-distribution-vulnerabilities vendor-advisory

cve.org (CVE-2025-38741)

nvd.nist.gov (CVE-2025-38741)

Download JSON