ID
VAR-202209-0024
CVE
CVE-2022-34379
TITLE
Dell's CloudLink Authentication vulnerability in
Trust: 0.8
sources:
JVNDB: JVNDB-2022-016137
DESCRIPTION
Dell EMC CloudLink 7.1.2 and all prior versions contain an Authentication Bypass Vulnerability. A remote attacker, with the knowledge of the active directory usernames, could potentially exploit this vulnerability to gain unauthorized access to the system. Dell's CloudLink There is an authentication vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Trust: 1.8
sources:
NVD: CVE-2022-34379 //
JVNDB: JVNDB-2022-016137 //
VULHUB: VHN-426695 //
VULMON: CVE-2022-34379
AFFECTED PRODUCTS
| vendor: | dell | model: | cloudlink | scope: | lt | version: | 7.1.3 | Trust: 1.0 |
| vendor: | デル | model: | cloudlink | scope: | eq | version: | - | Trust: 0.8 |
| vendor: | デル | model: | cloudlink | scope: | eq | version: | 7.1.3 | Trust: 0.8 |
| vendor: | デル | model: | cloudlink | scope: | - | version: | - | Trust: 0.8 |
sources:
JVNDB: JVNDB-2022-016137 //
NVD: CVE-2022-34379
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
sources:
JVNDB: JVNDB-2022-016137 //
CNNVD: CNNVD-202209-026 //
NVD: CVE-2022-34379 //
NVD: CVE-2022-34379
PROBLEMTYPE DATA
| problemtype: | CWE-287 | Trust: 1.1 |
| problemtype: | Inappropriate authentication (CWE-287) [NVD evaluation ] | Trust: 0.8 |
sources:
VULHUB: VHN-426695 //
JVNDB: JVNDB-2022-016137 //
NVD: CVE-2022-34379
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-202209-026
TYPE
authorization issue
Trust: 0.6
sources:
CNNVD: CNNVD-202209-026
PATCH
| title: | Dell EMC CloudLink Remediation measures for authorization problem vulnerabilities | url: | http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=206828 | Trust: 0.6 |
sources:
CNNVD: CNNVD-202209-026
EXTERNAL IDS
| db: | NVD | id: | CVE-2022-34379 | Trust: 3.4 |
| db: | JVNDB | id: | JVNDB-2022-016137 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-202209-026 | Trust: 0.6 |
| db: | VULHUB | id: | VHN-426695 | Trust: 0.1 |
| db: | VULMON | id: | CVE-2022-34379 | Trust: 0.1 |
sources:
VULHUB: VHN-426695 //
VULMON: CVE-2022-34379 //
JVNDB: JVNDB-2022-016137 //
CNNVD: CNNVD-202209-026 //
NVD: CVE-2022-34379
REFERENCES
| url: | https://www.dell.com/support/kbdoc/en-us/000202057/dsa-2022-207-dell-emc-cloudlink-security-update-for-an-ad-users-login-without-password-vulnerability | Trust: 2.6 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2022-34379 | Trust: 0.8 |
| url: | https://cxsecurity.com/cveshow/cve-2022-34379/ | Trust: 0.6 |
| url: | https://nvd.nist.gov | Trust: 0.1 |
sources:
VULHUB: VHN-426695 //
VULMON: CVE-2022-34379 //
JVNDB: JVNDB-2022-016137 //
CNNVD: CNNVD-202209-026 //
NVD: CVE-2022-34379
SOURCES
| db: | VULHUB | id: | VHN-426695 |
| db: | VULMON | id: | CVE-2022-34379 |
| db: | JVNDB | id: | JVNDB-2022-016137 |
| db: | CNNVD | id: | CNNVD-202209-026 |
| db: | NVD | id: | CVE-2022-34379 |
LAST UPDATE DATE
2024-08-14T15:16:30.968000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-426695 | date: | 2022-09-07T00:00:00 |
| db: | VULMON | id: | CVE-2022-34379 | date: | 2022-09-01T00:00:00 |
| db: | JVNDB | id: | JVNDB-2022-016137 | date: | 2023-10-02T08:10:00 |
| db: | CNNVD | id: | CNNVD-202209-026 | date: | 2022-09-08T00:00:00 |
| db: | NVD | id: | CVE-2022-34379 | date: | 2022-09-07T15:00:00.643 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-426695 | date: | 2022-09-01T00:00:00 |
| db: | VULMON | id: | CVE-2022-34379 | date: | 2022-09-01T00:00:00 |
| db: | JVNDB | id: | JVNDB-2022-016137 | date: | 2023-10-02T00:00:00 |
| db: | CNNVD | id: | CNNVD-202209-026 | date: | 2022-09-01T00:00:00 |
| db: | NVD | id: | CVE-2022-34379 | date: | 2022-09-01T19:15:12.470 |