Impact
High
Details
Proprietary Code CVEs |
Description |
CVSS Base Score |
CVSS Vector String |
CVE-2022-33919 |
Dell GeoDrive, versions 2.1 - 2.2 contain an information disclosure vulnerability in UI. An authenticated nonadmin user may potentially exploit this vulnerability and view sensitive information. |
7.8 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
CVE-2022-33920 |
Dell GeoDrive versions before 2.2 contain Unquoted File Path Vulnerabilities. A low privilege attacker may potentially exploit this vulnerability, leading to execution of arbitrary code in the SYSTEM security context. |
7.8 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
CVE-2022-33937 |
Dell GeoDrive versions before 2.2 contain a Path Traversal Vulnerability in the reporting function. A local, low privileged attacker may potentially exploit this vulnerability, to gain unauthorized delete access to the files stored on the server file system, with the privileges of the GeoDrive service: NT AUTHORITY\SYSTEM |
7.1 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H |
CVE-2022-33921 |
Dell GeoDrive versions before 2.2 contain Multiple DLL Hijacking Vulnerabilities. A low privilege attacker may potentially exploit this vulnerability, leading to execution of arbitrary code in the SYSTEM security context. |
7 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
CVE-2022-33922 |
Dell GeoDrive versions before 2.2 contains Insecure File and Folder Permissions vulnerabilities. A low privilege attacker may potentially exploit this vulnerability, leading to the execution of arbitrary code in the SYSTEM security context. Dell Technologies recommends customers to upgrade at the earliest opportunity. |
7 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
CVE-2022-33918 |
Dell GeoDrive versions 2.1 - 2.2 contain an information disclosure vulnerability. An authenticated nonadmin user may potentially exploit this vulnerability and gain access to sensitive information. |
5.5 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Proprietary Code CVEs |
Description |
CVSS Base Score |
CVSS Vector String |
CVE-2022-33919 |
Dell GeoDrive, versions 2.1 - 2.2 contain an information disclosure vulnerability in UI. An authenticated nonadmin user may potentially exploit this vulnerability and view sensitive information. |
7.8 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
CVE-2022-33920 |
Dell GeoDrive versions before 2.2 contain Unquoted File Path Vulnerabilities. A low privilege attacker may potentially exploit this vulnerability, leading to execution of arbitrary code in the SYSTEM security context. |
7.8 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
CVE-2022-33937 |
Dell GeoDrive versions before 2.2 contain a Path Traversal Vulnerability in the reporting function. A local, low privileged attacker may potentially exploit this vulnerability, to gain unauthorized delete access to the files stored on the server file system, with the privileges of the GeoDrive service: NT AUTHORITY\SYSTEM |
7.1 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H |
CVE-2022-33921 |
Dell GeoDrive versions before 2.2 contain Multiple DLL Hijacking Vulnerabilities. A low privilege attacker may potentially exploit this vulnerability, leading to execution of arbitrary code in the SYSTEM security context. |
7 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
CVE-2022-33922 |
Dell GeoDrive versions before 2.2 contains Insecure File and Folder Permissions vulnerabilities. A low privilege attacker may potentially exploit this vulnerability, leading to the execution of arbitrary code in the SYSTEM security context. Dell Technologies recommends customers to upgrade at the earliest opportunity. |
7 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
CVE-2022-33918 |
Dell GeoDrive versions 2.1 - 2.2 contain an information disclosure vulnerability. An authenticated nonadmin user may potentially exploit this vulnerability and gain access to sensitive information. |
5.5 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.
Revision History
Revision | Date | Description |
1.0 | 2022-09-22 | Initial Release |
Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide
Affected Products
Product Security Information