Improper Handling of Permissions in Dell EMC NetWorker
CVE-2022-34368

6.1MEDIUM

Key Information:

Vendor: Dell
Status: Networker Management Console
Vendor: CVE Published:; 30 August 2022

What is CVE-2022-34368?

Dell EMC NetWorker versions 19.2.1.x through 19.7.0.0 are susceptible to a vulnerability that allows authenticated non-administrative users to exploit insufficient permissions. This can enable unauthorized access to restricted resources, potentially leading to significant security risks. Users of the affected NetWorker versions are advised to apply the necessary updates to mitigate these risks.

Affected Version(s)

NetWorker Management Console < 19.6.1.2

References

https://www.dell.com/support/kbdoc/en-us/000201652/dsa-20...

x_refsource_MISC

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 30, 2022
Vulnerability Reserved
Jun 23, 2022