Vulnerability Details CVE-2022-45102
Dell EMC Data Protection Central, versions 19.1 through 19.7, contains a Host Header Injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by injecting arbitrary \u2018Host\u2019 header values to poison a web cache or trigger redirections.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 52.3%
CVSS Severity
CVSS v3 Score 5.4
References
Products affected by CVE-2022-45102
-
cpe:2.3:a:dell:emc_data_protection_central:19.1
-
cpe:2.3:a:dell:emc_data_protection_central:19.3
-
cpe:2.3:a:dell:emc_data_protection_central:19.4
-
cpe:2.3:a:dell:emc_data_protection_central:19.5
-
cpe:2.3:a:dell:emc_data_protection_central:19.6
-
cpe:2.3:a:dell:emc_data_protection_central:19.7
-
cpe:2.3:h:dell:dp4400:-
-
cpe:2.3:h:dell:dp5900:-
-
cpe:2.3:o:dell:dp4400_firmware:2.5
-
cpe:2.3:o:dell:dp4400_firmware:2.6
-
cpe:2.3:o:dell:dp4400_firmware:2.7
-
cpe:2.3:o:dell:dp5900_firmware:2.5
-
cpe:2.3:o:dell:dp5900_firmware:2.6
-
cpe:2.3:o:dell:dp5900_firmware:2.7