admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2022/CVE-2022-343xx/CVE-2022-34397.json
cad-safe-bot 2c24d425e6 Auto-Update: 2023-07-21T20:00:32.841018+00:00
2023-07-21 20:00:36 +00:00

131 lines
4.2 KiB
JSON
Raw Blame History

{
"id": "CVE-2022-34397",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-02-13T10:15:13.470",
"lastModified": "2023-07-21T19:05:05.893",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "\nDell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 10.0.0.5 and below contains an authorization bypass vulnerability, allowing users to perform actions in which they are not authorized.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 3.6
},
{
"source": "security_alert@emc.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "security_alert@emc.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:evasa_provider_virtual_appliance:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.2.4.15",
"matchCriteriaId": "B4691FFF-9A8A-4C46-A1D7-DFD8F01C1569"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:solutions_enabler_virtual_appliance:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.2.3.6",
"matchCriteriaId": "0B8429AF-3AE4-4B5F-B5F8-79C6EAD7DC5A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:solutions_enabler_virtual_appliance:*:*:*:*:eem:*:*:*",
"versionEndExcluding": "9.2.4.26",
"matchCriteriaId": "B47DD3E9-CBEB-4625-975E-BD9A3817E9BE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:unisphere_for_powermax_virtual_appliance:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.2.3.22",
"matchCriteriaId": "74DE8B9F-60D9-4597-A477-4F73501C8C35"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:unisphere_for_powermax_virtual_appliance:*:*:*:*:eem:*:*:*",
"versionEndExcluding": "9.2.4.26",
"matchCriteriaId": "F34932BB-8083-4380-B3DA-F5721B127F50"
}
]
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000207177/dsa-2022-340-dell-unisphere-for-powermax-dell-unisphere-for-powermax-vapp-dell-solutions-enabler-vapp-dell-unisphere-360-dell-vasa-provider-vapp-and-dell-powermax-emb-mgmt-security-update-for-multiple-vulnerabilities",
"source": "security_alert@emc.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink