Dell EMC AppSync versions from 3.9 to 4.3 contain a path traversal vulnerability in AppSync server. A remote unauthenticated attacker may potentially exploit this vulnerability to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application.
References
Link | Resource |
---|---|
https://www.dell.com/support/kbdoc/000197433 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: dell
Published: 2022-03-16T00:00:00
Updated: 2022-04-21T20:50:16
Reserved: 2022-02-04T00:00:00
Link: CVE-2022-24424
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-04-21T21:15:07.870
Modified: 2022-05-03T17:34:26.287
Link: CVE-2022-24424
JSON object: View
Redhat Information
No data.
CWE