Lucene search

DellCVELIST:CVE-2022-34432

HistorySep 14, 2022 - 12:00 a.m.

CVE-2022-34432

2022-09-1400:00:00

CWE-77

dell

www.cve.org

dell hybrid client

gedit vulnerability

guest attacker

deletion

files folders

7.3 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L

8.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

34.8%

JSON

Dell Hybrid Client below 1.8 version contains a gedit vulnerability. A guest attacker could potentially exploit this vulnerability, allowing deletion of user and some system files and folders.

CNA Affected

[
  {
    "vendor": "Dell",
    "product": "Dell Hybrid Client (DHC)",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "1.8",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]

References

www.dell.com/support/kbdoc/en-us/000203345/dsa-2022-260-dell-hybrid-client-security-update-for-multiple-vulnerabilities

7.3 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L

8.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

34.8%

JSON

Related for CVELIST:CVE-2022-34432