CVE-2022-26856
CVE-2022-26856
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8.2EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
21 Apr 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Dell EMC Repository Manager version 3.4.0 contains a plain-text password storage vulnerability. A local attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application's database with privileges of the compromised account.
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
Affected products
Dell · Dell Repository Manager (DRM)Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →