Artikelnummer: 000197433
High
| Proprietary Code CVE | Description | CVSS Base Score | CVSS Vector String |
| CVE-2022-24424 | Dell EMC AppSync versions from 3.9 to 4.3 contain a path traversal vulnerability in AppSync server. A remote unauthenticated attacker may potentially exploit this vulnerability to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application. | 7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
| Proprietary Code CVE | Description | CVSS Base Score | CVSS Vector String |
| CVE-2022-24424 | Dell EMC AppSync versions from 3.9 to 4.3 contain a path traversal vulnerability in AppSync server. A remote unauthenticated attacker may potentially exploit this vulnerability to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application. | 7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
| Product | Affected Versions | Updated Versions | Link to Update | |
| Dell EMC AppSync | Versions 3.9.0.0 to 4.3.0.0 | 4.4.0.0 | https://dl.dell.com/downloads/DL107581 | |
| Product | Affected Versions | Updated Versions | Link to Update | |
| Dell EMC AppSync | Versions 3.9.0.0 to 4.3.0.0 | 4.4.0.0 | https://dl.dell.com/downloads/DL107581 | |
| Revision | Date | Description |
| 1.0 | 2022-03-16 | Initial Release |
Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide
AppSync, AppSync, Product Security Information
16 mrt 2022
1
Dell Security Advisory