CVE-2022-29084
8.1
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Dell Unity, Dell UnityVSA, and Dell Unity XT versions before 5.2.0.0.5.173 do not restrict excessive authentication attempts in Unisphere GUI. A remote unauthenticated attacker may potentially exploit this vulnerability to brute-force passwords and gain access to the system as the victim. Account takeover is possible if weak passwords are used by users.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Dell | Unity | unspecified < 5.2.0.0.5.173 | affected |
Weaknesses
- CWE-307: CWE-307: Improper Restriction of Excessive Authentication Attempts
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.