CVE-2022-31231

MEDIUM

Dell ECS, versions 3.5 and 3.6, contain an Improper Access Control in the Identity and Access Management (IAM) module. A remote unauthenticated attacker may potentially exploit this vulnerability, leading to gaining read access to unauthorized data.

CVSS v3.1 Score

5.9
MEDIUM
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
NETWORK
Complexity
HIGH
Privileges
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE
Published: 5/22/2026Modified: 5/22/2026

Related Intelligence (1)

HIGHVulnerability

NVD HIGH: CVE-2022-31231 — Dell ECS, versions 3.5 and 3.6, contain an Improper Access Control in the Identi...

Dell ECS, versions 3.5 and 3.6, contain an Improper Access Control in the Identity and Access Management (IAM) module. A remote unauthenticated attacker may potentially exploit this vulnerability, leading to gaining read access to unauthorized data.

CVE-2022-31231
NIST NVD

References (1)

https://dellservices.lightning.force.com/lightning/r/Lightning_Knowledge__kav/ka06P0000004RFTQA2/viewPermissions Required