What is CVE-2022-22551?

CVE-2022-22551 is a high-severity vulnerability in Dell Appsync, classified under CWE-598. CVSS score: 8.3/10. Published 2022-01-21.

How severe is CVE-2022-22551?

High severity. CVSS v3 base score is 8.3 out of 10.

Vulnerability in Dell Appsync

CVE-2022-22551

DELL EMC AppSync versions 3.9 to 4.3 use GET request method with sensitive query strings. An Adjacent, unauthenticated attacker could potentially exploit this vulnerability, and hijack the victim session.

EPSS: 0.001 (33.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.3 (High). Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H.

Affected products

Dell Appsync — versions unspecified

Weakness classification (CWE)

CWE-598

References

www.dell.com/support/kbdoc/000195377 (x_refsource_MISC)

Frequently asked questions

What is CVE-2022-22551?: CVE-2022-22551 is a high-severity vulnerability in Dell Appsync, classified under CWE-598. CVSS score: 8.3/10. Published 2022-01-21.
How severe is CVE-2022-22551?: High severity. CVSS v3 base score is 8.3 out of 10.