Lucene search

DellCVE-2022-34373

HistoryAug 31, 2022 - 8:15 p.m.

CVE-2022-34373

2022-08-3120:15:08

CWE-22

dell

web.nvd.nist.gov

dell

command

integration

suite

system center

cve-2022-34373

arbitrary file write vulnerability

nvd

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.6

Confidence

High

EPSS

Percentile

9.9%

JSON

Dell Command | Integration Suite for System Center, versions prior to 6.2.0, contains arbitrary file write vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability in order to perform an arbitrary write as system.

Affected configurations

Nvd

Vulners

Node

dellcommand_\|_integration_suite_for_system_centerRange<6.2.0

VendorProductVersionCPE
dellcommand_\|_integration_suite_for_system_center*cpe:2.3:a:dell:command_\|_integration_suite_for_system_center:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
dell	command_\\|_integration_suite_for_system_center	*	cpe:2.3:a:dell:command_\\|_integration_suite_for_system_center::::::::

CNA Affected

[
  {
    "product": "CPG SW",
    "vendor": "Dell",
    "versions": [
      {
        "lessThan": "6.2.0",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

www.dell.com/support/kbdoc/000201877

Social References

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.6

Confidence

High

EPSS

Percentile

9.9%

JSON

Related for CVE-2022-34373