What is CVE-2022-34397?

CVE-2022-34397 is a medium-severity vulnerability in Dell Unisphere For Powermax, classified under Incorrect Authorization. CVSS score: 6.9/10. Published 2023-02-13.

How severe is CVE-2022-34397?

Medium severity. CVSS v3 base score is 6.9 out of 10.

Auth bypass in Dell Unisphere For Powermax

CVE-2022-34397

Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 10.0.0.5 and below contains an authorization bypass vulnerability, allowing users to perform actions in which they are not authorized.

Vulnerability class: Broken Access Control

EPSS: 0.001 (19.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.9 (Medium). Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:N.

Affected products

Dell Unisphere For Powermax — versions 0

Weakness classification (CWE)

CWE-863 — Incorrect Authorization

References

www.dell.com/support/kbdoc/en-us/000207177/dsa-2022-340-dell-unisphere-for-powe… (vendor-advisory)

Frequently asked questions

What is CVE-2022-34397?: CVE-2022-34397 is a medium-severity vulnerability in Dell Unisphere For Powermax, classified under Incorrect Authorization. CVSS score: 6.9/10. Published 2023-02-13.
How severe is CVE-2022-34397?: Medium severity. CVSS v3 base score is 6.9 out of 10.