Regular Expression Denial of Service Vulnerability in Dell Hybrid Client Software
CVE-2022-34428
5 MEDIUM
Summary
Dell Hybrid Client versions prior to 1.8 are vulnerable to a Regular Expression Denial of Service (ReDoS) attack in the user interface. An attacker with WMS group admin access can exploit the vulnerability, potentially resulting in a temporary denial of service. Organizations using affected versions should prioritize upgrading their software to mitigate this security risk. For more information, refer to Dell's security update.
Affected Version(s)
Dell Hybrid Client (DHC) < 1.8
References
CVSS V3.1
Score: 5
Severity: MEDIUM
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Changed
Timeline
Vulnerability published
Vulnerability Reserved