Unprotected Storage of Credentials Vulnerability in Dell EMC System Update
CVE-2022-22554

8.2HIGH

Key Information:

Vendor: Dell
Status: Dellemc System Update - Dsu
Vendor: CVE Published:; 24 January 2022

What is CVE-2022-22554?

Dell EMC System Update versions up to 1.9.2 are vulnerable to an unprotected storage of credentials issue, allowing local attackers with user privileges to potentially access and disclose user passwords. This vulnerability raises significant concerns regarding credential management and highlights the importance of protecting sensitive information from unauthorized access.

Affected Version(s)

DellEMC System Update - DSU < 1.9.2, 1.9.1, 1.9

References

https://www.dell.com/support/kbdoc/000195007

x_refsource_MISC

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 24, 2022
Vulnerability Reserved
Jan 4, 2022