Vulnerability Details CVE-2022-32481
Dell PowerProtect Cyber Recovery, versions prior to 19.11, contain a privilege escalation vulnerability on virtual appliance deployments. A lower-privileged authenticated user can chain docker commands to escalate privileges to root leading to complete system takeover.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 13.3%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 7.2
Products affected by CVE-2022-32481
-
cpe:2.3:a:dell:powerprotect_cyber_recovery:-
-
cpe:2.3:a:dell:powerprotect_cyber_recovery:18.1
-
cpe:2.3:a:dell:powerprotect_cyber_recovery:18.1.0-532
-
cpe:2.3:a:dell:powerprotect_cyber_recovery:18.1.1.0
-
cpe:2.3:a:dell:powerprotect_cyber_recovery:18.1.1.1
-
cpe:2.3:a:dell:powerprotect_cyber_recovery:18.1.1.2
-
cpe:2.3:a:dell:powerprotect_cyber_recovery:18.1.1.3
-
cpe:2.3:a:dell:powerprotect_cyber_recovery:18.1.1.4
-
cpe:2.3:a:dell:powerprotect_cyber_recovery:18.1.1.7
-
cpe:2.3:a:dell:powerprotect_cyber_recovery:19.1
-
cpe:2.3:a:dell:powerprotect_cyber_recovery:19.1.0.2
-
cpe:2.3:a:dell:powerprotect_cyber_recovery:19.1.0.4
-
cpe:2.3:a:dell:powerprotect_cyber_recovery:19.1.0.5
-
cpe:2.3:a:dell:powerprotect_cyber_recovery:19.1.0.6
-
cpe:2.3:a:dell:powerprotect_cyber_recovery:19.1.0.9
-
cpe:2.3:a:dell:powerprotect_cyber_recovery:19.10
-
cpe:2.3:a:dell:powerprotect_cyber_recovery:19.2
-
cpe:2.3:a:dell:powerprotect_cyber_recovery:19.2.0.2
-
cpe:2.3:a:dell:powerprotect_cyber_recovery:19.3
-
cpe:2.3:a:dell:powerprotect_cyber_recovery:19.4
-
cpe:2.3:a:dell:powerprotect_cyber_recovery:19.5
-
cpe:2.3:a:dell:powerprotect_cyber_recovery:19.6
-
cpe:2.3:a:dell:powerprotect_cyber_recovery:19.7
-
cpe:2.3:a:dell:powerprotect_cyber_recovery:19.8
-
cpe:2.3:a:dell:powerprotect_cyber_recovery:19.9