CVE-2022-34372
9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Dell PowerProtect Cyber Recovery versions before 19.11.0.2 contain an authentication bypass vulnerability. A remote unauthenticated attacker may potentially access and interact with the docker registry API leading to an authentication bypass. The attacker may potentially alter the docker images leading to a loss of integrity and confidentiality
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Dell | Cyber Recovery | unspecified < 19.11 | affected |
Weaknesses
- CWE-288: CWE-288: Authentication Bypass Using an Alternate Path or Channel
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.