CVE-2022-34434
Last modified
CVE-2022-34434 is a medium-severity vulnerability rated 6.7/10 on the CVSS scale. Cloud Mobility for Dell Storage versions 1.3.0 and earlier contains an Improper Access Control vulnerability within the Postgres database. A threat actor with root level access to either the vApp or containerized versions of Cloud Mobility may potentially exploit this vulnerability, leading to the modification or deletion of tables that are required for many of the core functionalities of Cloud Mobility. EPSS estimates a 0.18% chance of exploitation in the next 30 days.
Description
Cloud Mobility for Dell Storage versions 1.3.0 and earlier contains an Improper Access Control vulnerability within the Postgres database. A threat actor with root level access to either the vApp or containerized versions of Cloud Mobility may potentially exploit this vulnerability, leading to the modification or deletion of tables that are required for many of the core functionalities of Cloud Mobility. Exploitation may lead to the compromise of integrity and availability of the normal functionality of the Cloud Mobility application.
Metrics
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Dell | Cloud Mobility For Dell Emc Storage | < 1.3.1 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2022-34434?
How severe is CVE-2022-34434?
How do I fix CVE-2022-34434?
Are you affected by CVE-2022-34434?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST