CVE-2022-22551

CVSS 8.3 HIGHEPSS 0.4%CWE-598

DELL EMC AppSync versions 3.9 to 4.3 use GET request method with sensitive query strings. An Adjacent, unauthenticated attacker could potentially exploit this vulnerability, and hijack the victim session.

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

Affected products

Dell · AppSync

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.dell.com/support/kbdoc/000195377