Details of VAR-202210-0838

ID

VAR-202210-0838

CVE

CVE-2022-33919

TITLE

Dell's geodrive Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-018516

DESCRIPTION

Dell GeoDrive, versions 2.1 - 2.2, contains an information disclosure vulnerability in GUI. An authenticated non-admin user could potentially exploit this vulnerability and view sensitive information. Dell's geodrive Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Dell GeoDrive is a free application from Dell, Inc., USA. Dell EMC ECS and Atmos storage can be accessed from Microsoft Windows desktops and servers

Trust: 1.71

sources: NVD: CVE-2022-33919 // JVNDB: JVNDB-2022-018516 // VULHUB: VHN-426111

AFFECTED PRODUCTS

vendor:	dell	model:	geodrive	scope:	lt	version:	2.2.3	Trust: 1.0
vendor:	dell	model:	geodrive	scope:	gte	version:	2.1.0	Trust: 1.0
vendor:	デル	model:	geodrive	scope:	eq	version:	-	Trust: 0.8
vendor:	デル	model:	geodrive	scope:	-	version:	-	Trust: 0.8
vendor:	デル	model:	geodrive	scope:	eq	version:	2.1.0 that's all 2.2.3	Trust: 0.8

sources: JVNDB: JVNDB-2022-018516 // NVD: CVE-2022-33919

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-33919
value:	HIGH
Trust: 1.0
security_alert@emc.com:	CVE-2022-33919
value:	HIGH
Trust: 1.0
NVD:	CVE-2022-33919
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202210-758
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2022-33919
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 2.0
NVD:	CVE-2022-33919
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2022-018516 // CNNVD: CNNVD-202210-758 // NVD: CVE-2022-33919 // NVD: CVE-2022-33919

PROBLEMTYPE DATA

problemtype:	CWE-200	Trust: 1.0
problemtype:	NVD-CWE-Other	Trust: 1.0
problemtype:	others (CWE-Other) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2022-018516 // NVD: CVE-2022-33919

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202210-758

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202210-758

PATCH

title:

Dell GeoDrive Security vulnerabilities

url:

http://123.124.177.30/web/xxk/bdxqById.tag?id=210862

Trust: 0.6

sources: CNNVD: CNNVD-202210-758

EXTERNAL IDS

db:	NVD	id:	CVE-2022-33919	Trust: 3.3
db:	JVNDB	id:	JVNDB-2022-018516	Trust: 0.8
db:	CNNVD	id:	CNNVD-202210-758	Trust: 0.7
db:	VULHUB	id:	VHN-426111	Trust: 0.1

sources: VULHUB: VHN-426111 // JVNDB: JVNDB-2022-018516 // CNNVD: CNNVD-202210-758 // NVD: CVE-2022-33919

REFERENCES

url:	https://www.dell.com/support/kbdoc/000203632	Trust: 2.5
url:	https://nvd.nist.gov/vuln/detail/cve-2022-33919	Trust: 0.8
url:	https://cxsecurity.com/cveshow/cve-2022-33919/	Trust: 0.6

sources: VULHUB: VHN-426111 // JVNDB: JVNDB-2022-018516 // CNNVD: CNNVD-202210-758 // NVD: CVE-2022-33919

SOURCES

db:	VULHUB	id:	VHN-426111
db:	JVNDB	id:	JVNDB-2022-018516
db:	CNNVD	id:	CNNVD-202210-758
db:	NVD	id:	CVE-2022-33919

LAST UPDATE DATE

2024-08-14T14:43:40.881000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-426111	date:	2022-10-14T00:00:00
db:	JVNDB	id:	JVNDB-2022-018516	date:	2023-10-20T05:51:00
db:	CNNVD	id:	CNNVD-202210-758	date:	2022-10-17T00:00:00
db:	NVD	id:	CVE-2022-33919	date:	2022-10-14T14:16:32.707

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-426111	date:	2022-10-12T00:00:00
db:	JVNDB	id:	JVNDB-2022-018516	date:	2023-10-20T00:00:00
db:	CNNVD	id:	CNNVD-202210-758	date:	2022-10-12T00:00:00
db:	NVD	id:	CVE-2022-33919	date:	2022-10-12T20:15:10.770