6.5
CVE-2022-45103
- EPSS 0.14%
- Veröffentlicht 18.01.2023 15:15:11
- Zuletzt bearbeitet 21.11.2024 07:28:47
- Quelle security_alert@emc.com
- Teams Watchlist Login
- Unerledigt Login
Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain an information disclosure vulnerability. A low privileged remote attacker could potentially exploit this vulnerability, leading to read arbitrary files on the underlying file system.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Dell ≫ Emc Solutions Enabler Virtual Appliance Version < 9.2.3.6
Dell ≫ Emc Unisphere For Powermax Version < 9.2.3.22
Dell ≫ Emc Unisphere For Powermax Version >= 10.0.0.0 < 10.0.0.5
Dell ≫ Emc Unisphere For Powermax Virtual Appliance Version < 9.2.3.22
Dell ≫ Emc Vasa Provider Virtual Appliance Version < 9.2.4.15
Dell ≫ Solutions Enabler Version < 9.2.3.6
Dell ≫ Solutions Enabler Version >= 10.0.0.0 < 10.0.0.5
Dell ≫ Unisphere 360 Version < 9.2.3.12
Dell ≫ Vasa Provider SwEditionstandalone Version < 9.2.4.22
Dell ≫ Powermax Os Version-
Dell ≫ Powermax Os Version5978
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.14% | 0.311 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
| security_alert@emc.com | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.