cbcvebase.

Dell Cyber Recovery vulnerabilities

3 known vulnerabilities affecting dell/cyber_recovery.

Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2022-34372P2CRITICALCVSS 9.1≥ unspecified, < 19.112022-09-01
CVE-2022-34372 [CRITICAL] CWE-288 CVE-2022-34372: Dell PowerProtect Cyber Recovery versions before 19.11.0.2 contain an authentication bypass vulnerab Dell PowerProtect Cyber Recovery versions before 19.11.0.2 contain an authentication bypass vulnerability. A remote unauthenticated attacker may potentially access and interact with the docker registry API leading to an authentication bypass. The attacker may potentially alter the docker images leading to a loss of integrity and confidentiality
nvd
CVE-2022-32481P3HIGHCVSS 7.8≥ unspecified, < 19.112022-07-07
CVE-2022-32481 [HIGH] CVE-2022-32481: Dell PowerProtect Cyber Recovery, versions prior to 19.11, contain a privilege escalation vulnerabil Dell PowerProtect Cyber Recovery, versions prior to 19.11, contain a privilege escalation vulnerability on virtual appliance deployments. A lower-privileged authenticated user can chain docker commands to escalate privileges to root leading to complete system takeover.
nvd
CVE-2021-21512P4MEDIUMCVSS 6.0≥ unspecified, < 19.7.0.22021-02-19
CVE-2021-21512 [MEDIUM] CWE-200 CVE-2021-21512: Dell EMC PowerProtect Cyber Recovery, version 19.7.0.1, contains an Information Disclosure vulnerabi Dell EMC PowerProtect Cyber Recovery, version 19.7.0.1, contains an Information Disclosure vulnerability. A locally authenticated high privileged Cyber Recovery user may potentially exploit this vulnerability leading to the takeover of the notification email account.
nvd
Dell Cyber Recovery vulnerabilities | cvebase