7.8

CVE-2022-33922

EPSS 0.04%
Veröffentlicht 12.10.2022 20:15:10
Zuletzt bearbeitet 21.11.2024 07:08:36
Quelle security_alert@emc.com
CVE-Watchlists
Login
Unerledigt
Login

Dell GeoDrive, versions prior to 2.2, contains Insecure File and Folder Permissions vulnerabilities. A low privilege attacker could potentially exploit this vulnerability, leading to the execution of arbitrary code in the SYSTEM security context. Dell recommends customers to upgrade at the earliest opportunity.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Dell ≫ Geodrive Version < 2.2.3

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.129

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
security_alert@emc.com	7	1	5.9	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-276 Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

https://www.dell.com/support/kbdoc/000203632

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-33922

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-33922

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-33922

EUVD