CVE-2022-34368 MEDIUM

CVE-2022-34368

Vendor Dell
Product NetWorker Management Console
Weakness CWE-280
Published August 30, 2022
Last update September 17, 2024

CVSS base score

6.1/10
Attack vector Local
Attack complexity Low
Privileges required High
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L

What the vulnerability does

01Description

Dell EMC NetWorker 19.2.1.x 19.3.x, 19.4.x, 19.5.x, 19.6.x and 19.7.0.0 contain an Improper Handling of Insufficient Permissions or Privileges vulnerability. Authenticated non admin user could exploit this vulnerability and gain access to restricted resources.

Key dates

02Disclosure timeline

August 30, 2022 CVE published
September 17, 2024 Record updated