Information Disclosure in Dell GeoDrive Versions 2.1 - 2.2
CVE-2022-33918

5.5MEDIUM

Key Information:

Vendor: Dell
Status: Geodrive
Vendor: CVE Published:; 12 October 2022

Summary

Dell GeoDrive versions 2.1 and 2.2 are susceptible to an information disclosure vulnerability that allows authenticated non-admin users to obtain sensitive information. This exploit could lead to unauthorized access and compromise the confidentiality of user data. Organizations using these versions should apply the necessary security measures to mitigate the risk and safeguard their sensitive information.

Affected Version(s)

GeoDrive < 2.2

References

https://www.dell.com/support/kbdoc/000203632

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 12, 2022
Vulnerability Reserved
Jun 17, 2022