CVE-2022-34372

Summary

Dell PowerProtect Cyber Recovery versions before 19.11.0.2 contain an authentication bypass vulnerability. A remote unauthenticated attacker may potentially access and interact with the docker registry API leading to an authentication bypass. The attacker may potentially alter the docker images leading to a loss of integrity and confidentiality

Affected Software

VendorProductVersion RangeStatus
DellCyber Recoveryunspecified < 19.11affected

Weaknesses

  • CWE-288: CWE-288: Authentication Bypass Using an Alternate Path or Channel

ADP Enrichment

CVE Program Container

Additional References

References