{"containers":{"cna":{"affected":[{"product":"NetWorker Management Console","vendor":"Dell","versions":[{"lessThan":"19.6.1.2","status":"affected","version":"unspecified","versionType":"custom"}]}],"datePublic":"2022-07-21T00:00:00.000Z","descriptions":[{"lang":"en","value":"Dell EMC NetWorker 19.2.1.x 19.3.x, 19.4.x, 19.5.x, 19.6.x and 19.7.0.0 contain an Improper Handling of Insufficient Permissions or Privileges vulnerability. Authenticated non admin user could exploit this vulnerability and gain access to restricted resources."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"LOW","baseScore":6.1,"baseSeverity":"MEDIUM","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"HIGH","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L","version":"3.1"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-280","description":"CWE-280: Improper Handling of Insufficient Permissions or Privileges","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2022-08-30T20:25:14.000Z","orgId":"c550e75a-17ff-4988-97f0-544cde3820fe","shortName":"dell"},"references":[{"tags":["x_refsource_MISC"],"url":"https://www.dell.com/support/kbdoc/en-us/000201652/dsa-2022-194-dell-emc-networker-security-update-for-insufficient-privileges-vulnerability"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"secure@dell.com","DATE_PUBLIC":"2022-07-21","ID":"CVE-2022-34368","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"NetWorker Management Console","version":{"version_data":[{"version_affected":"<","version_value":"19.6.1.2"}]}}]},"vendor_name":"Dell"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Dell EMC NetWorker 19.2.1.x 19.3.x, 19.4.x, 19.5.x, 19.6.x and 19.7.0.0 contain an Improper Handling of Insufficient Permissions or Privileges vulnerability. Authenticated non admin user could exploit this vulnerability and gain access to restricted resources."}]},"impact":{"cvss":{"baseScore":6.1,"baseSeverity":"Medium","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-280: Improper Handling of Insufficient Permissions or Privileges"}]}]},"references":{"reference_data":[{"name":"https://www.dell.com/support/kbdoc/en-us/000201652/dsa-2022-194-dell-emc-networker-security-update-for-insufficient-privileges-vulnerability","refsource":"MISC","url":"https://www.dell.com/support/kbdoc/en-us/000201652/dsa-2022-194-dell-emc-networker-security-update-for-insufficient-privileges-vulnerability"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T09:07:16.145Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://www.dell.com/support/kbdoc/en-us/000201652/dsa-2022-194-dell-emc-networker-security-update-for-insufficient-privileges-vulnerability"}]}]},"cveMetadata":{"assignerOrgId":"c550e75a-17ff-4988-97f0-544cde3820fe","assignerShortName":"dell","cveId":"CVE-2022-34368","datePublished":"2022-08-30T20:25:15.078Z","dateReserved":"2022-06-23T00:00:00.000Z","dateUpdated":"2024-09-17T03:17:21.916Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}