DSA-2026-163: Security Update for Dell AppSync Vulnerabilities
요약: Dell AppSync remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.
이 문서는 다음에 적용됩니다.
이 문서는 다음에 적용되지 않습니다.
이 문서는 특정 제품과 관련이 없습니다.
모든 제품 버전이 이 문서에 나와 있는 것은 아닙니다.
영향
High
세부 정보
| Third-party Component | CVEs | More Information |
| KEYCLOAK | CVE-2022-4137 | https://nvd.nist.gov/vuln/search  |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2026-22767 | Dell AppSync, version(s) 4.6.0, contain(s) an UNIX Symbolic Link (Symlink) Following vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering. | 7.3 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H |
| CVE-2026-22768 | Dell AppSync, version(s) 4.6.0, contain(s) an Incorrect Permission Assignment for Critical Resource vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. | 7.3 | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2026-22767 | Dell AppSync, version(s) 4.6.0, contain(s) an UNIX Symbolic Link (Symlink) Following vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering. | 7.3 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H |
| CVE-2026-22768 | Dell AppSync, version(s) 4.6.0, contain(s) an Incorrect Permission Assignment for Critical Resource vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. | 7.3 | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
영향을 받는 제품 및 문제 해결
| Product | Affected Versions | Remediated Versions | Link |
| Dell AppSync | Versions prior to 4.6.1.0 | Version 4.6.1.0 or later | https://www.dell.com/support/home/product-support/product/appsync/drivers |
| Product | Affected Versions | Remediated Versions | Link |
| Dell AppSync | Versions prior to 4.6.1.0 | Version 4.6.1.0 or later | https://www.dell.com/support/home/product-support/product/appsync/drivers |
개정 내역
| Revision | Date | Description |
| 1.0 | 2026-04-01 | Initial Release |
| 2.0 | 2026-04-08 | Updated Affected versions |
감사의 말
CVE-2026-22768: Dell would like to thank Marius Gabriel Mihai for reporting this issue.
CVE-2026-22767: Dell would like to thank falconCorrup for reporting this issue.
관련 정보
법적 고지 사항
해당 제품
AppSync, AppSync문서 속성
문서 번호: 000446965
문서 유형: Dell Security Advisory
마지막 수정 시간: 07 4월 2026
다른 Dell 사용자에게 질문에 대한 답변 찾기
지원 서비스
디바이스에 지원 서비스가 적용되는지 확인하십시오.