CVE Vulnerability

CVE-2022-45103

Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain an information disclosure vulnerability. A low privileged remote attacker could potentially exploit this vulnerability, leading to read arbitrary files on the underlying file system.

6.5 /10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://www.dell.com/support/kbdoc/en-us/000207177/dsa-2022-340-dell-unisphere-for-powermax-dell-unisphere-for-powermax-vapp-dell-solutions-enabler-vapp-dell-unisphere-360-dell-vasa-provider-vapp-and-dell-powermax-emb-mgmt-security-update-for-multiple-vulnerabilities Patch Vendor Advisory
Configurations

Configuration 1

cpe:2.3:o:dell:powermax_os:5978:*:*:*:*:*:*:*
cpe:2.3:a:dell:unisphere_360:*:*:*:*:*:*:*:*
cpe:2.3:a:dell:emc_unisphere_for_powermax:*:*:*:*:*:*:*:*
cpe:2.3:a:dell:emc_unisphere_for_powermax:*:*:*:*:*:*:*:*
cpe:2.3:a:dell:emc_unisphere_for_powermax_virtual_appliance:*:*:*:*:*:*:*:*
cpe:2.3:a:dell:solutions_enabler:*:*:*:*:*:*:*:*
cpe:2.3:a:dell:solutions_enabler:*:*:*:*:*:*:*:*
cpe:2.3:a:dell:emc_solutions_enabler_virtual_appliance:*:*:*:*:*:*:*:*
cpe:2.3:a:dell:vasa_provider:*:*:*:*:standalone:*:*:*
cpe:2.3:a:dell:emc_vasa_provider_virtual_appliance:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:powermax_os:-:*:*:*:*:*:*:*
Information

Published : 2023-01-18 03:15

Updated : 2023-01-30 07:35

NVD link : CVE-2022-45103

Mitre link : CVE-2022-45103

Products Affected
No products.
CWE
CWE-200