Headline
CVE-2022-34373: DSA-2022-201: Dell Command | Integration Suite for System Center Security Update for Arbitrary File Write Vulnerability
Dell Command Integration Suite for System Center, versions prior to 6.2.0, contains arbitrary file write vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability in order to perform an arbitrary write as system.
Vaikutus
High
Tiedot
Proprietary Code CVEs
Description
CVSS Base Score
CVSS Vector String
CVE-2022-34373
Dell Command | Integration Suite for System Center versions before 6.2.0, contains arbitrary file write vulnerability. A locally authenticated malicious user may potentially exploit this vulnerability in order to perform an arbitrary write as system.
7.3
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Proprietary Code CVEs
Description
CVSS Base Score
CVSS Vector String
CVE-2022-34373
Dell Command | Integration Suite for System Center versions before 6.2.0, contains arbitrary file write vulnerability. A locally authenticated malicious user may potentially exploit this vulnerability in order to perform an arbitrary write as system.
7.3
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Dell Technologies suosittelee, että kaikki asiakkaat ottavat huomioon sekä CVSS-peruspistemäärän että kaikki asiaankuuluvat väliaikaiset ja ympäristöön liittyvät pisteet, jotka voivat vaikuttaa tietyn tietoturvahaavoittuvuuden mahdolliseen vakavuuteen.
Tuotteet, joihin asia vaikuttaa ja tilanteen korjaaminen****Kiitokset
Dell would like to thank Johannes Hatting for reporting this issue.
Versiohistoria
Revision
Date
Description
1.0
2022-07-26
Initial Release
Asiaan liittyvät tiedot
Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide
Dell Command | Integration Suite for Microsoft System Center, Product Security Information
26 heinäk. 2022