CVE-2022-34397

medium

Description

Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 10.0.0.5 and below contains an authorization bypass vulnerability, allowing users to perform actions in which they are not authorized.

References

https://www.dell.com/support/kbdoc/en-us/000207177/dsa-2022-340-dell-unisphere-for-powermax-dell-unisphere-for-powermax-vapp-dell-solutions-enabler-vapp-dell-unisphere-360-dell-vasa-provider-vapp-and-dell-powermax-emb-mgmt-security-update-for-multiple-vulnerabilities

Details

Source: Mitre, NVD

Published: 2023-02-13

Updated: 2023-07-21

Risk Information

CVSS v2

Base Score: 5.5

Vector: CVSS2#AV:A/AC:L/Au:S/C:N/I:C/A:N

Severity: Medium

CVSS v3

Base Score: 5.7

Vector: CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N