CVE-2022-34380
First published: Mon Aug 01 2022(Updated: )
Dell CloudLink 7.1.3 and all earlier versions contain an Authentication Bypass Using an Alternate Path or Channel Vulnerability. A high privileged local attacker may potentially exploit this vulnerability leading to authentication bypass and access the CloudLink system console. This is critical severity vulnerability as it allows attacker to take control of the system.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dell EMC Cloud Link | <7.1.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2022-34380?
CVE-2022-34380 is classified as critical due to the potential for authentication bypass by a high privileged local attacker.
How do I fix CVE-2022-34380?
To mitigate CVE-2022-34380, update Dell CloudLink to version 7.1.4 or later.
Who is affected by CVE-2022-34380?
CVE-2022-34380 affects all versions of Dell CloudLink up to and including 7.1.3.
What systems are vulnerable to CVE-2022-34380?
The vulnerability CVE-2022-34380 impacts systems running Dell CloudLink prior to version 7.1.4.
Is there any workaround for CVE-2022-34380?
There are no documented workarounds for CVE-2022-34380, making an update essential for security.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/remedy
- agent/last-modified-date
- agent/severity
- agent/author
- agent/weakness
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/dell
- canonical/dell emc cloud link