Sensitive Information Disclosure in PowerPath Management Appliance by Dell
CVE-2022-34452

2.7LOW

Key Information:

Vendor: Dell
Status: Powerpath Management Appliance
Vendor: CVE Published:; 10 February 2023

What is CVE-2022-34452?

The PowerPath Management Appliance, developed by Dell, has a vulnerability that allows authenticated admin users to access sensitive information stored within the logs. This can lead to unauthorized exposure of critical data, making it imperative for organizations using affected versions to apply necessary security updates to mitigate the risk.

Affected Version(s)

PowerPath Management Appliance 0 <= 3.3, 3.2*, 3.1, 3.0*

References

https://www.dell.com/support/kbdoc/en-us/000205404/dsa-20...

vendor-advisory

CVSS V3.1

Score:

2.7

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 10, 2023
Vulnerability Reserved
Jun 23, 2022