DSA-2022-207: Dell CloudLink Security Update for an AD Users Login Without Password Vulnerability
Samenvatting: Dell CloudLink remediation is available for AD users login without password that may be exploited by malicious users to compromise the affected system.
Dit artikel is van toepassing op
Dit artikel is niet van toepassing op
Impact
Critical
Gegevens
| Proprietary Code CVEs |
Description |
CVSS Base Score |
CVSS Vector String |
| CVE-2022-34379 |
Dell CloudLink 7.1.2 and all earlier versions contain an Authentication Bypass Vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability leading to authentication bypass and access the CloudLink web console. This is critical severity vulnerability as it allows attacker to take control of the system. |
9.1 |
| Proprietary Code CVEs |
Description |
CVSS Base Score |
CVSS Vector String |
| CVE-2022-34379 |
Dell CloudLink 7.1.2 and all earlier versions contain an Authentication Bypass Vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability leading to authentication bypass and access the CloudLink web console. This is critical severity vulnerability as it allows attacker to take control of the system. |
9.1 |
Getroffen producten en herstel
| Product |
Affected Versions |
Updated Version |
Link to Update |
| Dell CloudLink |
Versions before 7.1.3 |
7.1.3 |
| Product |
Affected Versions |
Updated Version |
Link to Update |
| Dell CloudLink |
Versions before 7.1.3 |
7.1.3 |
Revisiegeschiedenis
|
Revision |
Date |
Description |
|
1.0 |
2022-08-01 |
Initial Release |
Verwante informatie
Juridische verklaring van afstand
Getroffen producten
Product Security InformationArtikeleigenschappen
Artikelnummer: 000202057
Artikeltype: Dell Security Advisory
Laatst aangepast: 08 jun. 2023
Vind antwoorden op uw vragen via andere Dell gebruikers
Support Services
Controleer of uw apparaat wordt gedekt door Support Services.