Medium
Proprietary Code | Description | CVSS Base Score | CVSS Vector String |
CVE-2022-31231 | Dell ECS, versions 3.5 and 3.6, contain an Improper Access Control in the Identity and Access Management (IAM) module. A remote unauthenticated attacker may potentially exploit this vulnerability, leading to gaining read access to unauthorized data. | 5.9 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
Proprietary Code | Description | CVSS Base Score | CVSS Vector String |
CVE-2022-31231 | Dell ECS, versions 3.5 and 3.6, contain an Improper Access Control in the Identity and Access Management (IAM) module. A remote unauthenticated attacker may potentially exploit this vulnerability, leading to gaining read access to unauthorized data. | 5.9 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
Product | Affected Versions | Updated Versions | Link to Update |
Dell ECS | Version 3.5.x.x before 3.5.1.7 Version 3.6.x.x. before 3.6.2.4 |
|
See Dell article 200962, ECS: Solution to address CVE-2022-31231 security vulnerability on 3.5.x/3.6.x to Apply Patch. Dell Technologies recommends all customers update their ECS systems at the earliest opportunity following the 'Apply Patch' link. Customers apply the patch in order to quickly and safely avoid prolonged exposure to this vulnerability. |
Product | Affected Versions | Updated Versions | Link to Update |
Dell ECS | Version 3.5.x.x before 3.5.1.7 Version 3.6.x.x. before 3.6.2.4 |
|
See Dell article 200962, ECS: Solution to address CVE-2022-31231 security vulnerability on 3.5.x/3.6.x to Apply Patch. Dell Technologies recommends all customers update their ECS systems at the earliest opportunity following the 'Apply Patch' link. Customers apply the patch in order to quickly and safely avoid prolonged exposure to this vulnerability. |
None
Revision | Date | Description |
1.0 | 2022-07-11 | Initial Release |