CVE-2022-22552
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2022-22552
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Dell EMC AppSync versions 3.9 to 4.3 contain a clickjacking vulnerability in AppSync. A remote unauthenticated attacker could potentially exploit this vulnerability to trick the victim into executing state changing operations.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
不当限制渲染UI层或帧
Source: NVD (National Vulnerability Database)
Vulnerability Title
DELL EMC AppSync 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
DELL EMC AppSync是美国戴尔(DELL)公司的一个复制数据管理软件。提供一种由 SLA 驱动的简单自助服务方式来保护、恢复和克隆关键的Microsoft 与 Oracle 应用程序以及 VMware 环境。 DELL EMC AppSync 存在安全漏洞,该漏洞源于Dell EMC AppSync 3.9至4.3版本中存在点击劫持漏洞。攻击者可利用该漏洞欺骗受害者执行状态更改操作。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2022-22552
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2022-22552
请登录查看更多情报信息。
- https://www.dell.com/support/kbdoc/000195377x_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2022-22552
Same Patch Batch · Dell · 2022-01-21 · 5 CVEs total
| CVE-2022-22551 | 8.3 HIGH | DELL EMC AppSync 授权问题漏洞 |
| CVE-2022-22553 | 8.1 HIGH | DELL EMC AppSync 安全漏洞 |
| CVE-2021-36339 | 7.8 HIGH | Dell EMC Unisphere for PowerMax 安全漏洞 |
| CVE-2021-36338 | 6.3 MEDIUM | Dell EMC Unisphere for PowerMax 安全漏洞 |
IV. Related Vulnerabilities
Same weakness: CWE-1021
- CVE-2026-3254
Improper Restriction of Rendered UI Layers or Frames in GitL - CVE-2026-2378
Address bar spoofing risk in ArcSearch on Android - CVE-2025-62328
HCL Nomad server on Domino is affected by a missing default - CVE-2025-58405
Lack of protection mechanisms against Clickjacking attacks - CVE-2026-27511
Tenda F3 Clickjacking in Web Management Interface
V. Comments for CVE-2022-22552
No comments yet