Risk | High |
Patch available | YES |
Number of vulnerabilities | 4 |
CVE-ID | CVE-2022-22957 CVE-2022-22958 CVE-2022-22959 CVE-2022-22960 |
CWE-ID | CWE-502 CWE-352 CWE-276 |
Exploitation vector | Network |
Public exploit |
Public exploit code for vulnerability #1 is available. Vulnerability #4 is being exploited in the wild. |
Vulnerable software |
Dell Enterprise Hybrid Cloud Server applications / Virtualization software |
Vendor | Dell |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
EUVDB-ID: #VU61932
Risk: Low
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C]
CVE-ID: CVE-2022-22957
CWE-ID:
CWE-502 - Deserialization of Untrusted Data
Exploit availability: Yes
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to insecure input validation when processing serialized data passed via the JDBC URI. A remote administrator can pass specially crafted data via the JDBC URI and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsDell Enterprise Hybrid Cloud: before 4.1.2
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.
EUVDB-ID: #VU61933
Risk: Low
CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-22958
CWE-ID:
CWE-502 - Deserialization of Untrusted Data
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to insecure input validation when processing serialized data passed via the JDBC URI. A remote administrator can pass specially crafted data via the JDBC URI and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsDell Enterprise Hybrid Cloud: before 4.1.2
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU61934
Risk: High
CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-22959
CWE-ID:
CWE-352 - Cross-Site Request Forgery (CSRF)
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform cross-site request forgery attacks.
The vulnerability exists due to insufficient validation of the HTTP request origin. A remote attacker can trick the victim to visit a specially crafted web page and perform arbitrary actions on behalf of the victim on the vulnerable website and unintentionally validate a malicious JDBC URI.
MitigationInstall update from vendor's website.
Vulnerable software versionsDell Enterprise Hybrid Cloud: before 4.1.2
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU61935
Risk: Low
CVSSv3.1: 8.4 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C]
CVE-ID: CVE-2022-22960
CWE-ID:
CWE-276 - Incorrect Default Permissions
Exploit availability: Yes
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to incorrect default permissions for support scripts. A local user with access to the system can overwrite files and execute arbitrary code with root privileges.
Install update from vendor's website.
Vulnerable software versionsDell Enterprise Hybrid Cloud: before 4.1.2
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.