Vulnerabilities > CVE-2022-34452 - Exposure of Resource to Wrong Sphere vulnerability in Dell Powerpath Management Appliance

CVSS 2.7 - LOW

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

network

low complexity

dell

CWE-668

NVD

Published: 2023-02-10

Updated: 2023-11-07

Summary

PowerPath Management Appliance with versions 3.3, 3.2*, 3.1 & 3.0* contains sensitive information disclosure vulnerability. An Authenticated admin user can able to exploit the issue and view sensitive information stored in the logs.

Vulnerable Configurations

Part	Description	Count
Application	Dell Dell Powerpath Management Appliance 3.0 Dell Powerpath Management Appliance 3.1 Dell Powerpath Management Appliance 3.2 Dell Powerpath Management Appliance 3.3	7

Common Weakness Enumeration (CWE)

CWE-668 - Exposure of Resource to Wrong Sphere

References

https://www.dell.com/support/kbdoc/en-us/000205404/dsa-2022-283-powerpath-management-appliance-security-update-for-multiple-security-vulnerabilities