CVE-2022-34380

Name of the Vulnerable Software and Affected Versions Dell CloudLink versions prior to 7.1.3

Description The issue allows a high privileged local attacker to potentially bypass authentication and access the CloudLink system console, leading to a takeover of the system. This is due to an Authentication Bypass Using an Alternate Path or Channel vulnerability.

Recommendations For versions prior to 7.1.3, update to version 7.1.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the CloudLink system console to minimize the risk of exploitation.