{"api_version":"1","generated_at":"2026-05-14T19:36:48+00:00","cve":"CVE-2022-34368","urls":{"html":"https://cve.report/CVE-2022-34368","api":"https://cve.report/api/cve/CVE-2022-34368.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2022-34368","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2022-34368"},"summary":{"title":"CVE-2022-34368","description":"Dell EMC NetWorker 19.2.1.x 19.3.x, 19.4.x, 19.5.x, 19.6.x and 19.7.0.0 contain an Improper Handling of Insufficient Permissions or Privileges vulnerability. Authenticated non admin user could exploit this vulnerability and gain access to restricted resources.","state":"PUBLIC","assigner":"secure@dell.com","published_at":"2022-08-30 21:15:00","updated_at":"2022-09-07 01:19:00"},"problem_types":["CWE-755"],"metrics":[],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000201652/dsa-2022-194-dell-emc-networker-security-update-for-insufficient-privileges-vulnerability","name":"https://www.dell.com/support/kbdoc/en-us/000201652/dsa-2022-194-dell-emc-networker-security-update-for-insufficient-privileges-vulnerability","refsource":"MISC","tags":[],"title":"Access Denied","mime":"text/html","httpstatus":"403","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2022-34368","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34368","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2022","cve_id":"34368","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dell","cpe5":"emc_networker","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"34368","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dell","cpe5":"emc_networker","cpe6":"19.7.0.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"secure@dell.com","DATE_PUBLIC":"2022-07-21","ID":"CVE-2022-34368","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"NetWorker Management Console","version":{"version_data":[{"version_affected":"<","version_value":"19.6.1.2"}]}}]},"vendor_name":"Dell"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Dell EMC NetWorker 19.2.1.x 19.3.x, 19.4.x, 19.5.x, 19.6.x and 19.7.0.0 contain an Improper Handling of Insufficient Permissions or Privileges vulnerability. Authenticated non admin user could exploit this vulnerability and gain access to restricted resources."}]},"impact":{"cvss":{"baseScore":6.1,"baseSeverity":"Medium","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-280: Improper Handling of Insufficient Permissions or Privileges"}]}]},"references":{"reference_data":[{"refsource":"MISC","url":"https://www.dell.com/support/kbdoc/en-us/000201652/dsa-2022-194-dell-emc-networker-security-update-for-insufficient-privileges-vulnerability","name":"https://www.dell.com/support/kbdoc/en-us/000201652/dsa-2022-194-dell-emc-networker-security-update-for-insufficient-privileges-vulnerability"}]}},"nvd":{"publishedDate":"2022-08-30 21:15:00","lastModifiedDate":"2022-09-07 01:19:00","problem_types":["CWE-755"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":6.5,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.8,"impactScore":3.6}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:dell:emc_networker:19.7.0.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:dell:emc_networker:*:*:*:*:*:*:*:*","versionStartIncluding":"19.2.1.0","versionEndExcluding":"19.6.1.2","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}