Details of VAR-202210-0583

ID

VAR-202210-0583

CVE

CVE-2022-34432

TITLE

Dell's Dell Hybrid Client Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-018855

DESCRIPTION

Dell Hybrid Client below 1.8 version contains a gedit vulnerability. A guest attacker could potentially exploit this vulnerability, allowing deletion of user and some system files and folders. Dell's Dell Hybrid Client Exists in unspecified vulnerabilities.Information is tampered with and service operation is interrupted (DoS) It may be in a state

Trust: 1.71

sources: NVD: CVE-2022-34432 // JVNDB: JVNDB-2022-018855 // VULHUB: VHN-426748

AFFECTED PRODUCTS

vendor:	dell	model:	hybrid client	scope:	lt	version:	1.8	Trust: 1.0
vendor:	dell	model:	hybrid client	scope:	gte	version:	1.5	Trust: 1.0
vendor:	デル	model:	dell hybrid client	scope:	eq	version:	-	Trust: 0.8
vendor:	デル	model:	dell hybrid client	scope:	-	version:	-	Trust: 0.8
vendor:	デル	model:	dell hybrid client	scope:	eq	version:	1.5 that's all 1.8	Trust: 0.8

sources: JVNDB: JVNDB-2022-018855 // NVD: CVE-2022-34432

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-34432
value:	HIGH
Trust: 1.0
security_alert@emc.com:	CVE-2022-34432
value:	HIGH
Trust: 1.0
NVD:	CVE-2022-34432
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202210-526
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2022-34432
baseSeverity:	HIGH
baseScore:	8.2
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	LOW
exploitabilityScore:	3.9
impactScore:	4.2
version:	3.1
Trust: 1.0
security_alert@emc.com:	CVE-2022-34432
baseSeverity:	HIGH
baseScore:	7.3
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	HIGH
availabilityImpact:	LOW
exploitabilityScore:	2.5
impactScore:	4.7
version:	3.1
Trust: 1.0
NVD:	CVE-2022-34432
baseSeverity:	HIGH
baseScore:	8.2
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	LOW
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2022-018855 // CNNVD: CNNVD-202210-526 // NVD: CVE-2022-34432 // NVD: CVE-2022-34432

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	CWE-77	Trust: 1.0
problemtype:	Lack of information (CWE-noinfo) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2022-018855 // NVD: CVE-2022-34432

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202210-526

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202210-526

PATCH

title:

Dell Hybrid Client Security vulnerabilities

url:

http://123.124.177.30/web/xxk/bdxqById.tag?id=210601

Trust: 0.6

sources: CNNVD: CNNVD-202210-526

EXTERNAL IDS

db:	NVD	id:	CVE-2022-34432	Trust: 3.3
db:	JVNDB	id:	JVNDB-2022-018855	Trust: 0.8
db:	CNNVD	id:	CNNVD-202210-526	Trust: 0.6
db:	VULHUB	id:	VHN-426748	Trust: 0.1

sources: VULHUB: VHN-426748 // JVNDB: JVNDB-2022-018855 // CNNVD: CNNVD-202210-526 // NVD: CVE-2022-34432

REFERENCES

url:	https://www.dell.com/support/kbdoc/en-us/000203345/dsa-2022-260-dell-hybrid-client-security-update-for-multiple-vulnerabilities	Trust: 2.5
url:	https://nvd.nist.gov/vuln/detail/cve-2022-34432	Trust: 0.8
url:	https://cxsecurity.com/cveshow/cve-2022-34432/	Trust: 0.6

sources: VULHUB: VHN-426748 // JVNDB: JVNDB-2022-018855 // CNNVD: CNNVD-202210-526 // NVD: CVE-2022-34432

SOURCES

db:	VULHUB	id:	VHN-426748
db:	JVNDB	id:	JVNDB-2022-018855
db:	CNNVD	id:	CNNVD-202210-526
db:	NVD	id:	CVE-2022-34432

LAST UPDATE DATE

2024-08-14T14:24:29.569000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-426748	date:	2022-10-13T00:00:00
db:	JVNDB	id:	JVNDB-2022-018855	date:	2023-10-23T08:13:00
db:	CNNVD	id:	CNNVD-202210-526	date:	2022-10-14T00:00:00
db:	NVD	id:	CVE-2022-34432	date:	2022-10-13T16:29:32.710

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-426748	date:	2022-10-11T00:00:00
db:	JVNDB	id:	JVNDB-2022-018855	date:	2023-10-23T00:00:00
db:	CNNVD	id:	CNNVD-202210-526	date:	2022-10-11T00:00:00
db:	NVD	id:	CVE-2022-34432	date:	2022-10-11T17:15:11.347