MEDIUM✓ PATCH🇬🇧 English

CVE-2022-34434

CVSS 6.7v3.1pub. 2022-10-11upd. 2024-11-21

Cloud Mobility for Dell Storage versions 1.3.0 and earlier contains an Improper Access Control vulnerability within the Postgres database. A threat actor with root level access to either the vApp or containerized versions of Cloud Mobility may potentially exploit this vulnerability, leading to the modification or deletion of tables that are required for many of the core functionalities of Cloud Mobility. Exploitation may lead to the compromise of integrity and availability of the normal functionality of the Cloud Mobility application.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Dell Cloud Mobility For Dell Emc Storage

    APP
    Dell
    < 1.3.1
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
Container
CWE
Referencje

Powiązane podatności

CVE-2023-23690HIGH7.0ten sam produkt

Cloud Mobility for Dell EMC Storage, versions 1.3.0.X and below contains an Improper Check for Certificate Re...

CVE-2022-33936HIGH8.0ten sam produkt

Cloud Mobility for Dell EMC Storage, 1.3.0.XXX contains a RCE vulnerability. A non-privileged user could poten...

CVE-2026-22769CRITICAL10.0⚠ KEVPL ✓ten sam vendor

Dell RecoverPoint for VMs — zahardkodowane dane uwierzytelniające (RCE, root)

CVE-2026-41120CRITICAL9.8PL ✓ten sam vendor

RCE w Dell Wyse Management Suite — akceptacja niezaufanych danych

CVE-2026-40636CRITICAL9.8PL ✓ten sam vendor

Dell ECS / ObjectScale — podatność hard-coded credentials umożliwiająca dostęp do systemu plików