Arbitrary File Write Vulnerability in Dell Command | Integration Suite for System Center
CVE-2022-34373

7.3HIGH

Key Information:

Vendor: Dell
Status: Cpg Sw
Vendor: CVE Published:; 31 August 2022

What is CVE-2022-34373?

An arbitrary file write vulnerability exists in Dell Command | Integration Suite for System Center versions prior to 6.2.0. This flaw allows a locally authenticated malicious user to exploit the system and perform arbitrary write actions as the system user. This can lead to unauthorized access or changes to system files, potentially compromising the integrity of the system.

Affected Version(s)

CPG SW < 6.2.0

References

https://www.dell.com/support/kbdoc/000201877

x_refsource_MISC

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 31, 2022
Vulnerability Reserved
Jun 23, 2022