CVE-2022-24414

Dell EMC CloudLink 7.1.3 and all earlier versions, Auth Token is exposed in GET requests. These request parameters can get logged in reverse proxies and server logs. Attackers may potentially use these tokens to access CloudLink server. Tokens should not be used in request URL to avoid such attacks.

CVSS v3 6.5 MEDIUM
CVSS v2.0 4.0 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

4.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:P/I:N/A:N

Exploitability : 8.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://www.dell.com/support/kbdoc/en-us/000197425/dsa-2022-064-dell-emc-cloudlink-security-update-for-security-vulnerabilities	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:dell:cloudlink:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-05-26 16:15

Updated : 2024-02-28 19:09

NVD link : CVE-2022-24414

Mitre link : CVE-2022-24414

CVE.ORG link : CVE-2022-24414

JSON object : View

Products Affected

dell

cloudlink

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

CWE-598

Use of GET Request Method With Sensitive Query Strings

{"id": "CVE-2022-24414", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "security_alert@emc.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 4.7, "exploitabilityScore": 2.8}]}, "published": "2022-05-26T16:15:07.920", "references": [{"url": "https://www.dell.com/support/kbdoc/en-us/000197425/dsa-2022-064-dell-emc-cloudlink-security-update-for-security-vulnerabilities", "tags": ["Patch", "Vendor Advisory"], "source": "security_alert@emc.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}, {"type": "Secondary", "source": "security_alert@emc.com", "description": [{"lang": "en", "value": "CWE-598"}]}], "descriptions": [{"lang": "en", "value": "Dell EMC CloudLink 7.1.3 and all earlier versions, Auth Token is exposed in GET requests. These request parameters can get logged in reverse proxies and server logs. Attackers may potentially use these tokens to access CloudLink server. Tokens should not be used in request URL to avoid such attacks."}, {"lang": "es", "value": "Dell EMC CloudLink versiones 7.1.3 y todas las versiones anteriores, el token de autenticaci\u00f3n es expuesto en las peticiones GET. Estos par\u00e1metros de petici\u00f3n pueden quedar registrados en los proxies inversos y en los registros del servidor. Los atacantes pueden usar potencialmente estos tokens para acceder al servidor de CloudLink. Los tokens no deben ser usados en la URL de la petici\u00f3n para evitar tales ataques"}], "lastModified": "2022-06-07T17:21:15.767", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:dell:cloudlink:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E7C03153-CEE0-40A7-A11E-23F33E28FA2F", "versionEndIncluding": "7.1.3"}], "operator": "OR"}]}], "sourceIdentifier": "security_alert@emc.com"}