Article Number: 000197433
High
Proprietary Code CVE | Description | CVSS Base Score | CVSS Vector String |
CVE-2022-24424 | Dell EMC AppSync versions from 3.9 to 4.3 contain a path traversal vulnerability in AppSync server. A remote unauthenticated attacker may potentially exploit this vulnerability to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application. | 7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Proprietary Code CVE | Description | CVSS Base Score | CVSS Vector String |
CVE-2022-24424 | Dell EMC AppSync versions from 3.9 to 4.3 contain a path traversal vulnerability in AppSync server. A remote unauthenticated attacker may potentially exploit this vulnerability to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application. | 7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Product | Affected Versions | Updated Versions | Link to Update | |
Dell EMC AppSync | Versions 3.9.0.0 to 4.3.0.0 | 4.4.0.0 | https://dl.dell.com/downloads/DL107581 | |
Product | Affected Versions | Updated Versions | Link to Update | |
Dell EMC AppSync | Versions 3.9.0.0 to 4.3.0.0 | 4.4.0.0 | https://dl.dell.com/downloads/DL107581 | |
Revision | Date | Description |
1.0 | 2022-03-16 | Initial Release |
AppSync, AppSync, Product Security Information
16 Mar 2022
Dell Security Advisory