CVE-2022-34462

Name of the Vulnerable Software and Affected Versions Dell EMC SCG Policy Manager versions 5.10 through 5.12

Description The issue is related to a hard-coded password vulnerability. An attacker with knowledge of the hard-coded credentials could exploit this to login to the system and gain admin privileges. The vulnerability is also associated with the use of a hard-coded cryptographic key, which could allow an attacker to elevate their privileges.

Recommendations For versions 5.10 through 5.12, consider disabling the use of hard-coded credentials as a temporary workaround until a patch is available. Restrict access to the system to minimize the risk of exploitation. Avoid using the hard-coded cryptographic key in the affected system until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.