CVE-2022-34446

Published: Feb 11, 2023Modified: Nov 21, 2024

8.1

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Exploitability: 2.8 / Impact: 5.2

Source: NVD

Description

PowerPath Management Appliance with versions 3.3 & 3.2* contains Authorization Bypass vulnerability. An authenticated remote user with limited privileges (e.g., of role Monitoring) can exploit this issue and gain access to sensitive information, and modify the configuration.

Affected (2)

Products: Dell: Powerpath Management Appliance

1 product

Powerpath Management Appliance

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Dell Powerpath Management Appliance	Version 3.2
Dell Powerpath Management Appliance	Version 3.3

Related CWEs

Improper Authorization

The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.

References (2)

https://www.dell.com/support/kbdoc/000205404

Source: security_alert@emc.com

Vendor Advisory

https://www.dell.com/support/kbdoc/000205404

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.