DELL EMC AppSync versions 3.9 to 4.3 use GET request method with sensitive query strings. An Adjacent, unauthenticated attacker could potentially exploit this vulnerability, and hijack the victim session.
References
Link | Resource |
---|---|
https://www.dell.com/support/kbdoc/000195377 | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: dell
Published: 2022-01-19T00:00:00
Updated: 2022-01-21T20:15:20
Reserved: 2022-01-04T00:00:00
Link: CVE-2022-22551
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-01-21T21:15:09.107
Modified: 2022-01-27T15:00:26.993
Link: CVE-2022-22551
JSON object: View
Redhat Information
No data.