CRITICAL✓ PATCH🇬🇧 English

CVE-2022-34380

CVSS 9.3v3.1pub. 2022-09-01upd. 2024-11-21

Dell CloudLink 7.1.3 and all earlier versions contain an Authentication Bypass Using an Alternate Path or Channel Vulnerability. A high privileged local attacker may potentially exploit this vulnerability leading to authentication bypass and access the CloudLink system console. This is critical severity vulnerability as it allows attacker to take control of the system.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
  • Dell Cloudlink

    APP
    Dell
    < 7.1.4
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
Auth Bypass
CWE
Referencje

Powiązane podatności

CVE-2025-46364CRITICAL9.1PL ✓ten sam produkt

Dell CloudLink — CLI Escape umożliwia przejęcie kontroli nad systemem

CVE-2025-45378CRITICAL9.1PL ✓ten sam produkt

Dell CloudLink: command injection przez ucieczkę z restricted shell

CVE-2022-34379CRITICAL9.4ten sam produkt

Dell EMC CloudLink 7.1.2 and all prior versions contain an Authentication Bypass Vulnerability. A remote attac...

CVE-2021-36312CRITICAL9.1ten sam produkt

Dell EMC CloudLink 7.1 and all prior versions contain a Hard-coded Password Vulnerability. A remote high privi...

CVE-2021-36313CRITICAL9.1ten sam produkt

Dell EMC CloudLink 7.1 and all prior versions contain an OS command injection Vulnerability. A remote high pri...

CVE-2022-34380 — CRITICAL 9.3 | CVEbaza.pl