← volver
CVE-2022-34380

CVE-2022-34380

CVSS 9.3 CRITICALEPSS 0.2%CWE-287
Vexday Risk Score
28Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 9.3EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
01 sep 2022Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
Dell CloudLink 7.1.3 and all earlier versions contain an Authentication Bypass Using an Alternate Path or Channel Vulnerability. A high privileged local attacker may potentially exploit this vulnerability leading to authentication bypass and access the CloudLink system console. This is critical severity vulnerability as it allows attacker to take control of the system.
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Productos afectados
Dell · CloudLink

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →