Article Number: 000203632
High
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
CVE-2022-33919 | Dell GeoDrive, versions 2.1 - 2.2 contain an information disclosure vulnerability in UI. An authenticated nonadmin user may potentially exploit this vulnerability and view sensitive information. | 7.8 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
CVE-2022-33920 | Dell GeoDrive versions before 2.2 contain Unquoted File Path Vulnerabilities. A low privilege attacker may potentially exploit this vulnerability, leading to execution of arbitrary code in the SYSTEM security context. | 7.8 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
CVE-2022-33937 | Dell GeoDrive versions before 2.2 contain a Path Traversal Vulnerability in the reporting function. A local, low privileged attacker may potentially exploit this vulnerability, to gain unauthorized delete access to the files stored on the server file system, with the privileges of the GeoDrive service: NT AUTHORITY\SYSTEM | 7.1 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H |
CVE-2022-33921 | Dell GeoDrive versions before 2.2 contain Multiple DLL Hijacking Vulnerabilities. A low privilege attacker may potentially exploit this vulnerability, leading to execution of arbitrary code in the SYSTEM security context. | 7 | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
CVE-2022-33922 | Dell GeoDrive versions before 2.2 contains Insecure File and Folder Permissions vulnerabilities. A low privilege attacker may potentially exploit this vulnerability, leading to the execution of arbitrary code in the SYSTEM security context. Dell Technologies recommends customers to upgrade at the earliest opportunity. | 7 | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
CVE-2022-33918 | Dell GeoDrive versions 2.1 - 2.2 contain an information disclosure vulnerability. An authenticated nonadmin user may potentially exploit this vulnerability and gain access to sensitive information. | 5.5 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
CVE-2022-33919 | Dell GeoDrive, versions 2.1 - 2.2 contain an information disclosure vulnerability in UI. An authenticated nonadmin user may potentially exploit this vulnerability and view sensitive information. | 7.8 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
CVE-2022-33920 | Dell GeoDrive versions before 2.2 contain Unquoted File Path Vulnerabilities. A low privilege attacker may potentially exploit this vulnerability, leading to execution of arbitrary code in the SYSTEM security context. | 7.8 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
CVE-2022-33937 | Dell GeoDrive versions before 2.2 contain a Path Traversal Vulnerability in the reporting function. A local, low privileged attacker may potentially exploit this vulnerability, to gain unauthorized delete access to the files stored on the server file system, with the privileges of the GeoDrive service: NT AUTHORITY\SYSTEM | 7.1 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H |
CVE-2022-33921 | Dell GeoDrive versions before 2.2 contain Multiple DLL Hijacking Vulnerabilities. A low privilege attacker may potentially exploit this vulnerability, leading to execution of arbitrary code in the SYSTEM security context. | 7 | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
CVE-2022-33922 | Dell GeoDrive versions before 2.2 contains Insecure File and Folder Permissions vulnerabilities. A low privilege attacker may potentially exploit this vulnerability, leading to the execution of arbitrary code in the SYSTEM security context. Dell Technologies recommends customers to upgrade at the earliest opportunity. | 7 | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
CVE-2022-33918 | Dell GeoDrive versions 2.1 - 2.2 contain an information disclosure vulnerability. An authenticated nonadmin user may potentially exploit this vulnerability and gain access to sensitive information. | 5.5 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Product | Affected Versions | Updated Versions | Link to Update |
Dell GeoDrive | GeoDrive versions before 2.2-P2 | GeoDrive 2.2-P3 | https://www.dell.com/support/home/product-support/product/atmos-geodrive-for-windows/drivers |
Product | Affected Versions | Updated Versions | Link to Update |
Dell GeoDrive | GeoDrive versions before 2.2-P2 | GeoDrive 2.2-P3 | https://www.dell.com/support/home/product-support/product/atmos-geodrive-for-windows/drivers |
Revision | Date | Description |
1.0 | 2022-09-22 | Initial Release |
Product Security Information
22 Sep 2022
1
Dell Security Advisory