Cross-Site Request Forgery Vulnerability in Dell EMC Data Protection Central
CVE-2022-34367

5.4MEDIUM

Key Information:

Vendor: Dell
Status: Data Protection Central
Vendor: CVE Published:; 21 July 2022

What is CVE-2022-34367?

Dell EMC Data Protection Central contains a Cross-Site Request Forgery vulnerability that could allow a remote unauthenticated attacker to trick the system into executing unintended commands or processes. This can result in unauthorized operations and compromise the server's integrity. It's crucial for users to update their software to mitigate the risks associated with this vulnerability.

Affected Version(s)

Data Protection Central < 19.7

References

https://www.dell.com/support/kbdoc/en-us/000201505/dsa-20...

x_refsource_MISC

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 21, 2022
Vulnerability Reserved
Jun 23, 2022