6.8
CVE-2022-34402
- EPSS 0.15%
- Veröffentlicht 10.10.2022 21:15:11
- Zuletzt bearbeitet 21.11.2024 07:09:27
- Quelle security_alert@emc.com
- Teams Watchlist Login
- Unerledigt Login
Dell Wyse ThinOS 2205 contains a Regular Expression Denial of Service Vulnerability in UI. An admin privilege attacker could potentially exploit this vulnerability, leading to denial-of-service.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Dell ≫ Wyse Thinos Version < 9.3.2102
Dell ≫ Latitude 3420 Version-
Dell ≫ Optiplex 3000 Thin Client Version-
Dell ≫ Wyse 3040 Thin Client Version-
Dell ≫ Wyse 5070 Thin Client Version-
Dell ≫ Wyse 5470 All-in-one Thin Client Version-
Dell ≫ Wyse 5470 Mobile Thin Client Version-
Dell ≫ Optiplex 3000 Thin Client Version-
Dell ≫ Wyse 3040 Thin Client Version-
Dell ≫ Wyse 5070 Thin Client Version-
Dell ≫ Wyse 5470 All-in-one Thin Client Version-
Dell ≫ Wyse 5470 Mobile Thin Client Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.15% | 0.359 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.9 | 1.2 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
|
| security_alert@emc.com | 6.8 | 2.3 | 4 |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
|
CWE-1333 Inefficient Regular Expression Complexity
The product uses a regular expression with an inefficient, possibly exponential worst-case computational complexity that consumes excessive CPU cycles.