CVE-2022-2188 MEDIUM

CVE-2022-2188: DXL Broker privilege escalation vulnerability

Vendor Trellix
Product DXL Broker
Published November 7, 2022
Last update May 8, 2025

CVSS base score

6.5/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

What the vulnerability does

01Description

Privilege escalation vulnerability in DXL Broker for Windows prior to 6.0.0.280 allows local users to gain elevated privileges by exploiting weak directory controls in the logs directory. This can lead to a denial-of-service attack on the DXL Broker.

Key dates

02Disclosure timeline

November 7, 2022 CVE published
May 8, 2025 Record updated