PT-2022-6303 · Dell Emc · Dell Emc Scg Policy Manager
Mal
·
Published
2022-06-23
·
Updated
2023-01-19
·
CVE-2022-34440
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Dell EMC SCG Policy Manager versions 5.10 through 5.12
Description
The issue is related to a Hard-coded Cryptographic Key. An attacker with knowledge of the hard-coded sensitive information could potentially exploit this to login to the system and gain admin privileges. This could allow the attacker to elevate their privileges.
Recommendations
For versions 5.10 through 5.12, update to a version that does not contain the hard-coded cryptographic key to prevent potential exploitation.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Using Hardcoded Credentials
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Dell Emc Scg Policy Manager