Vulnerability Details CVE-2022-34442
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded Cryptographic Key vulnerability. An attacker with the knowledge of the hard-coded sensitive information, could potentially exploit this vulnerability to login to the system to gain LDAP user privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 17.9%
CVSS Severity
CVSS v3 Score 8.0
References
- https://www.dell.com/support/kbdoc/en-us/000204995/dsa-2022-273-dell-secure-connect-gateway-policy-manager-security-update-for-multiple-proprietary-code-vulnerabilities
- https://www.dell.com/support/kbdoc/en-us/000204995/dsa-2022-273-dell-secure-connect-gateway-policy-manager-security-update-for-multiple-proprietary-code-vulnerabilities
Products affected by CVE-2022-34442
-
cpe:2.3:a:dell:policy_manager_for_secure_connect_gateway:5.10.00.00
-
cpe:2.3:a:dell:policy_manager_for_secure_connect_gateway:5.10.00.10
-
cpe:2.3:a:dell:policy_manager_for_secure_connect_gateway:5.12.00.00
-
cpe:2.3:a:dell:policy_manager_for_secure_connect_gateway:5.12.00.10