How severe is CVE-2022-34392?

CVE-2022-34392 has a CVSS v3 score of 5.5 (MEDIUM).

CVE-2022-34392

Name: supportassist_for_home_pcs
Author: dell

5.5MEDIUM

SupportAssist for Home PCs (versions 3.11.4 and prior) contain an insufficient session expiration Vulnerability. An authenticated non-admin user can be able to obtain the refresh token and that leads

Опубликовано: 2/11/2023Обновлено: 11/21/2024

Описание

SupportAssist for Home PCs (versions 3.11.4 and prior) contain an insufficient session expiration Vulnerability. An authenticated non-admin user can be able to obtain the refresh token and that leads to reuse the access token and fetch sensitive information.

ИИ-АнализНа базе ИИ

Затронутые продукты

dellsupportassist_for_home_pcs

Ссылки

https://www.dell.com/support/kbdoc/000204114
Vendor Advisory
https://www.dell.com/support/kbdoc/000204114
Vendor Advisory