CVE-2022-34363

MEDIUM6.5

JSON export Create alert

Description

Dell Unisphere for PowerMax vApp version prior to 10.0.0.2, contains an authorization bypass vulnerability in the Unisphere for VMAX application running in vApp

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

None

Affected products

Dell / Unisphere 3600 – 9.2.3.12
Dell / Unisphere for PowerMax0 – 10.0.0.5 EEM: 10.0.0.968
Dell / Unisphere for PowerMax0 – 9.2.3.22 EEM: 9.2.4.26
Dell / Unisphere for PowerMax Virtual Appliance0 – 9.2.3.22 EEM: 9.2.4.26

References

MISChttps://dellservices.lightning.force.com/lightning/r/Lightning_Knowledge__kav/ka06P000000xAiKQAU/view