Dell Appsync
11 CVEs affecting Dell Appsync. Latest disclosed: 2026-04-01. Critical: 0, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-22551 | High | 8.3 | 2022-01-21 | DELL EMC AppSync versions 3.9 to 4.3 use GET request method with sensitive query strings. An Adjacent, unauthenticated attacker could potentially exploit this… |
CVE-2022-22553 | High | 8.1 | 2022-01-21 | Dell EMC AppSync versions 3.9 to 4.3 contain an Improper Restriction of Excessive Authentication Attempts Vulnerability that can be exploited from UI and CLI… |
CVE-2022-24424 | High | 7.5 | 2022-04-21 | Dell EMC AppSync versions from 3.9 to 4.3 contain a path traversal vulnerability in AppSync server. A remote unauthenticated attacker may potentially exploit t… |
CVE-2026-22768 | High | 7.3 | 2026-04-01 | Dell AppSync, version(s) 4.6.0, contain(s) an Incorrect Permission Assignment for Critical Resource vulnerability. A low privileged attacker with local access… |
CVE-2026-22767 | High | 7.3 | 2026-04-01 | Dell AppSync, version(s) 4.6.0, contain(s) an UNIX Symbolic Link (Symlink) Following vulnerability. A low privileged attacker with local access could potential… |
CVE-2022-22552 | Medium | 6.9 | 2022-01-21 | Dell EMC AppSync versions 3.9 to 4.3 contain a clickjacking vulnerability in AppSync. A remote unauthenticated attacker could potentially exploit this vulnerab… |
CVE-2025-32744 | Medium | 6.6 | 2025-07-21 | Dell AppSync, version(s) 4.6.0.0, contains an Unrestricted Upload of File with Dangerous Type vulnerability. A high privileged attacker with remote access coul… |
CVE-2024-22464 | Medium | 6.2 | 2024-02-08 | Dell EMC AppSync, versions from 4.2.0.0 to 4.6.0.0 including all Service Pack releases, contain an exposure of sensitive information vulnerability in AppSync… |
CVE-2024-52542 | Medium | 4.4 | 2024-12-17 | Dell AppSync, version 4.6.0.x, contain a Symbolic Link (Symlink) Following vulnerability. A low privileged attacker with local access could potentially exploit… |
CVE-2025-36603 | Medium | 4.2 | 2025-07-21 | Dell AppSync, version(s) 4.6.0.0, contains an Improper Restriction of XML External Entity Reference vulnerability. A low privileged attacker with local access… |
CVE-2024-39586 | Low | 2.9 | 2024-10-09 | Dell AppSync Server, version 4.3 through 4.6, contains an XML External Entity Injection vulnerability. An adjacent high privileged attacker could potentially e… |