CVE-2022-45102

CVSS 5.4 - MEDIUM
Description

Dell EMC Data Protection Central, versions 19.1 through 19.7, contains a Host Header Injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by injecting arbitrary \u2018Host\u2019 header values to poison a web cache or trigger redirections.

Affected Products
5
Vendor Product Version
dell emc_data_protection_central All versions
dell dp4400_firmware All versions
dell dp4400 -
dell dp5900_firmware All versions
dell dp5900 -
References
https://www.dell.com/support/kbdoc/en-us/000206329...
https://www.dell.com/support/kbdoc/en-us/000206329...
Weakness Types
CWE-644 CWE-116
CVE Information
CVE ID:
CVE-2022-45102
Published:
2023-02-01
Modified:
2024-11-21
CVSS Score:
5.4
Severity:
MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Affected Vendors
dell
Quick Actions
View on NVD Find Similar CVEs
CVSS Severity Scale
0.0 - 3.9 LOW
4.0 - 6.9 MEDIUM
7.0 - 8.9 HIGH
9.0 - 10.0 CRITICAL