Improper Access Control in Cloud Mobility for Dell Storage
CVE-2022-34434

6.7MEDIUM

Key Information:

Vendor: Dell
Status: Cloud Mobility For Dell Storage
Vendor: CVE Published:; 11 October 2022

Summary

Cloud Mobility for Dell Storage versions 1.3.0 and earlier are vulnerable to an Improper Access Control issue within the Postgres database. This weakness allows adversaries with root access to the associated vApp or containerized instances to potentially manipulate or erase crucial database tables, impacting the core functionalities of the Cloud Mobility application. Such exploitation can jeopardize the integrity and availability of the application's operations.

Affected Version(s)

Cloud Mobility for Dell Storage < 1.3.1

References

https://www.dell.com/support/kbdoc/en-vc/000203434/dsa-20...

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 11, 2022
Vulnerability Reserved
Jun 23, 2022