CVE-2022-31221

Dell BIOS versions contain an Information Exposure vulnerability. A local authenticated administrator user could potentially exploit this vulnerability in order access sensitive state information on the system.
References
Link Resource
https://www.dell.com/support/kbdoc/000202196 Patch Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:dell:chengming_3900_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:chengming_3900:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:dell:inspiron_14_plus_7420_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_14_plus_7420:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:dell:inspiron_16_plus_7620_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_16_plus_7620:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:dell:inspiron_3910_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_3910:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:dell:inspiron_5320_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_5320:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:dell:inspiron_5420_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_5420:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:dell:inspiron_5620_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_5620:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:dell:inspiron_7420_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_7420:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:dell:inspiron_7620_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_7620:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:dell:optiplex_3000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:optiplex_3000:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:dell:optiplex_3000_thin_client_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:optiplex_3000_thin_client:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:dell:optiplex_5000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:optiplex_5000:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:dell:optiplex_5400_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:optiplex_5400:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:dell:optiplex_7000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:optiplex_7000:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:dell:optiplex_7000_oem_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:optiplex_7000_oem:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:dell:optiplex_7400_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:optiplex_7400:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:dell:precision_3460_small_form_factor_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:precision_3460_small_form_factor:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:dell:precision_3660_tower_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:precision_3660_tower:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:dell:precision_5770_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:precision_5770:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:dell:vostro_3710_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:vostro_3710:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:dell:vostro_3910_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:vostro_3910:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:dell:vostro_5320_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:vostro_5320:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND
cpe:2.3:o:dell:vostro_5620_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:vostro_5620:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND
cpe:2.3:o:dell:vostro_7620_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:vostro_7620:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND
cpe:2.3:o:dell:xps_17_9720_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:xps_17_9720:-:*:*:*:*:*:*:*

History

15 Sep 2022, 19:46

Type Values Removed Values Added
CPE cpe:2.3:h:dell:xps_17_9720:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_7620:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:vostro_7620_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:inspiron_7620_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:inspiron_16_plus_7620_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:optiplex_7400_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_5420:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:optiplex_7000:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:optiplex_3000_thin_client_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:precision_3460_small_form_factor:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_16_plus_7620:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:optiplex_3000:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:optiplex_5400:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:optiplex_7000_oem:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:precision_3660_tower:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:precision_3660_tower_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:vostro_3710:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:inspiron_7420_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_7420:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:vostro_5620_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_14_plus_7420:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:precision_3460_small_form_factor_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:vostro_5320_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:xps_17_9720_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:optiplex_7400:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:optiplex_3000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:vostro_5320:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:optiplex_7000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:optiplex_5400_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:chengming_3900_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:inspiron_5620_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:chengming_3900:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:vostro_7620:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:precision_5770:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:inspiron_14_plus_7420_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_5320:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:vostro_3710_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:optiplex_5000:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_3910:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:inspiron_5320_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:optiplex_5000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:precision_5770_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:inspiron_5620:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:inspiron_5420_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:optiplex_3000_thin_client:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:inspiron_3910_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:vostro_3910_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:vostro_3910:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:optiplex_7000_oem_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:vostro_5620:-:*:*:*:*:*:*:*
References (MISC) https://www.dell.com/support/kbdoc/000202196 - (MISC) https://www.dell.com/support/kbdoc/000202196 - Patch, Vendor Advisory
CWE CWE-200
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 2.3
First Time Dell precision 3660 Tower Firmware
Dell inspiron 16 Plus 7620 Firmware
Dell optiplex 7000 Oem
Dell vostro 3710
Dell vostro 5320 Firmware
Dell vostro 3910
Dell chengming 3900
Dell inspiron 7620
Dell vostro 7620 Firmware
Dell optiplex 7400
Dell precision 3460 Small Form Factor Firmware
Dell optiplex 5000
Dell inspiron 5620 Firmware
Dell inspiron 7620 Firmware
Dell vostro 3910 Firmware
Dell inspiron 14 Plus 7420
Dell precision 5770
Dell inspiron 16 Plus 7620
Dell optiplex 7400 Firmware
Dell inspiron 3910 Firmware
Dell inspiron 5620
Dell vostro 5620
Dell precision 5770 Firmware
Dell optiplex 3000 Thin Client
Dell optiplex 3000 Firmware
Dell optiplex 5400
Dell inspiron 5420
Dell precision 3460 Small Form Factor
Dell xps 17 9720 Firmware
Dell optiplex 3000 Thin Client Firmware
Dell vostro 5320
Dell optiplex 7000 Oem Firmware
Dell chengming 3900 Firmware
Dell optiplex 5000 Firmware
Dell
Dell inspiron 5320 Firmware
Dell vostro 3710 Firmware
Dell inspiron 7420 Firmware
Dell precision 3660 Tower
Dell optiplex 7000 Firmware
Dell xps 17 9720
Dell optiplex 7000
Dell inspiron 14 Plus 7420 Firmware
Dell inspiron 5420 Firmware
Dell vostro 7620
Dell optiplex 5400 Firmware
Dell vostro 5620 Firmware
Dell optiplex 3000
Dell inspiron 3910
Dell inspiron 5320
Dell inspiron 7420

12 Sep 2022, 19:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-09-12 19:15

Updated : 2023-12-10 14:35


NVD link : CVE-2022-31221

Mitre link : CVE-2022-31221

CVE.ORG link : CVE-2022-31221


JSON object : View

Products Affected

dell

  • vostro_7620_firmware
  • chengming_3900
  • precision_3660_tower
  • inspiron_14_plus_7420
  • optiplex_7000_firmware
  • inspiron_7620
  • inspiron_7620_firmware
  • optiplex_5000
  • chengming_3900_firmware
  • vostro_7620
  • precision_3460_small_form_factor_firmware
  • inspiron_5620_firmware
  • vostro_5620
  • precision_5770
  • vostro_3710
  • inspiron_3910_firmware
  • inspiron_16_plus_7620
  • inspiron_7420
  • optiplex_5400
  • optiplex_7000
  • inspiron_5620
  • optiplex_5400_firmware
  • optiplex_7000_oem_firmware
  • inspiron_5420_firmware
  • optiplex_3000_thin_client
  • optiplex_3000_thin_client_firmware
  • optiplex_7400
  • optiplex_5000_firmware
  • inspiron_16_plus_7620_firmware
  • inspiron_5420
  • optiplex_3000
  • optiplex_3000_firmware
  • xps_17_9720
  • inspiron_5320
  • inspiron_7420_firmware
  • inspiron_5320_firmware
  • inspiron_14_plus_7420_firmware
  • optiplex_7400_firmware
  • vostro_5320
  • inspiron_3910
  • precision_5770_firmware
  • optiplex_7000_oem
  • xps_17_9720_firmware
  • precision_3460_small_form_factor
  • vostro_5620_firmware
  • vostro_3710_firmware
  • vostro_3910
  • vostro_5320_firmware
  • precision_3660_tower_firmware
  • vostro_3910_firmware
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor