PT-2023-13409 · Dell · Powerpath Management Appliance
Published
2023-02-10
·
Updated
2023-02-21
·
CVE-2022-34449
CVSS v3.1
6.0
Medium
| Vector | AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
PowerPath Management Appliance versions 3.2 through 3.3
Description
The issue allows authenticated admin users to exploit a Hardcoded Cryptographic Keys problem, leading to the ability to view and modify sensitive information stored in the application.
Recommendations
For PowerPath Management Appliance versions 3.2 through 3.3, consider restricting access to sensitive information and modifying settings to limit the impact of hardcoded cryptographic keys until a fix is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Using Hardcoded Credentials
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Powerpath Management Appliance