Sign-up

ID

VAR-202210-0878


CVE

CVE-2022-33918


TITLE

Dell's  geodrive  Vulnerability in plaintext storage of important information in

Trust: 0.8

sources: JVNDB: JVNDB-2022-018505

DESCRIPTION

Dell GeoDrive, Versions 2.1 - 2.2, contains an information disclosure vulnerability. An authenticated non-admin user could potentially exploit this vulnerability and gain access to sensitive information. Dell's geodrive There is a vulnerability in plaintext storage of important information.Information may be obtained. Dell GeoDrive is a free application from Dell, Inc., USA. Dell EMC ECS and Atmos storage can be accessed from Microsoft Windows desktops and servers

Trust: 1.71

sources: NVD: CVE-2022-33918 // JVNDB: JVNDB-2022-018505 // VULHUB: VHN-426110

AFFECTED PRODUCTS

vendor:dellmodel:geodrivescope:ltversion:2.2.3

Trust: 1.0

vendor:dellmodel:geodrivescope:gteversion:2.1.0

Trust: 1.0

vendor:デルmodel:geodrivescope:eqversion: -

Trust: 0.8

vendor:デルmodel:geodrivescope: - version: -

Trust: 0.8

vendor:デルmodel:geodrivescope:eqversion:2.1.0 that's all 2.2.3

Trust: 0.8

sources: JVNDB: JVNDB-2022-018505 // NVD: CVE-2022-33918

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-33918
value: MEDIUM

Trust: 1.0

security_alert@emc.com: CVE-2022-33918
value: MEDIUM

Trust: 1.0

NVD: CVE-2022-33918
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202210-756
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2022-33918
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.1

Trust: 2.0

NVD: CVE-2022-33918
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-018505 // CNNVD: CNNVD-202210-756 // NVD: CVE-2022-33918 // NVD: CVE-2022-33918

PROBLEMTYPE DATA

problemtype:CWE-312

Trust: 1.1

problemtype:CWE-316

Trust: 1.0

problemtype:Plaintext storage of important information (CWE-312) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-426110 // JVNDB: JVNDB-2022-018505 // NVD: CVE-2022-33918

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202210-756

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202210-756

PATCH

title:Dell GeoDrive Security vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=210860

Trust: 0.6

sources: CNNVD: CNNVD-202210-756

EXTERNAL IDS

db:NVDid:CVE-2022-33918

Trust: 3.3

db:JVNDBid:JVNDB-2022-018505

Trust: 0.8

db:CNNVDid:CNNVD-202210-756

Trust: 0.7

db:VULHUBid:VHN-426110

Trust: 0.1

sources: VULHUB: VHN-426110 // JVNDB: JVNDB-2022-018505 // CNNVD: CNNVD-202210-756 // NVD: CVE-2022-33918

REFERENCES

url:https://www.dell.com/support/kbdoc/000203632

Trust: 2.5

url:https://nvd.nist.gov/vuln/detail/cve-2022-33918

Trust: 0.8

url:https://cxsecurity.com/cveshow/cve-2022-33918/

Trust: 0.6

sources: VULHUB: VHN-426110 // JVNDB: JVNDB-2022-018505 // CNNVD: CNNVD-202210-756 // NVD: CVE-2022-33918

SOURCES

db:VULHUBid:VHN-426110
db:JVNDBid:JVNDB-2022-018505
db:CNNVDid:CNNVD-202210-756
db:NVDid:CVE-2022-33918

LAST UPDATE DATE

2024-08-14T14:17:40.343000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-426110date:2022-10-14T00:00:00
db:JVNDBid:JVNDB-2022-018505date:2023-10-20T05:03:00
db:CNNVDid:CNNVD-202210-756date:2022-10-17T00:00:00
db:NVDid:CVE-2022-33918date:2022-10-14T14:16:51.193

SOURCES RELEASE DATE

db:VULHUBid:VHN-426110date:2022-10-12T00:00:00
db:JVNDBid:JVNDB-2022-018505date:2023-10-20T00:00:00
db:CNNVDid:CNNVD-202210-756date:2022-10-12T00:00:00
db:NVDid:CVE-2022-33918date:2022-10-12T20:15:10.687