CVE-2022-34397 | SynScan

Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2022-34397

Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 10.0.0.5 and below contains an authorization bypass vulnerability, allowing users to perform actions in which they are not authorized.

Published: Feb 13, 2023
Updated: Jun 1, 2023
CVE: CVE-2022-34397
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.7
AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

CWEs:

CWE-863

Affected Software
References

Software	From	Fixed in
dell / solutions_enabler_virtual_appliance	-	9.2.4.26
dell / solutions_enabler_virtual_appliance	-	9.2.3.6
dell / evasa_provider_virtual_appliance	-	9.2.4.15
dell / unisphere_for_powermax_virtual_appliance	-	9.2.4.26
dell / unisphere_for_powermax_virtual_appliance	-	9.2.3.22

https://www.dell.com/support/kbdoc/en-us/000207177/dsa-2022-340-dell-unisphere-for-powermax-dell-unisphere-for-powermax-vapp-dell-solutions-enabler-vapp-dell-unisphere-360-dell-vasa-provider-vapp-and-dell-powermax-emb-mgmt-security-update-for-multiple-vulnerabilities