Vulnerability Details CVE-2022-22553
Dell EMC AppSync versions 3.9 to 4.3 contain an Improper Restriction of Excessive Authentication Attempts Vulnerability that can be exploited from UI and CLI. An adjacent unauthenticated attacker could potentially exploit this vulnerability, leading to password brute-forcing. Account takeover is possible if weak passwords are used by users.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 63.5%
CVSS Severity
CVSS v3 Score 8.1
CVSS v2 Score 7.5
References
Products affected by CVE-2022-22553
-
cpe:2.3:a:dell:emc_appsync:3.9.0.0
-
cpe:2.3:a:dell:emc_appsync:4.2.0.0
-
cpe:2.3:a:dell:emc_appsync:4.3.0.0