CVE-2022-45097

CVSS 6.3 MEDIUMEPSS 0.4%CWE-842

In short

Dell PowerScale OneFS has a flaw in how it manages user permissions that allows a low-privilege network attacker to gain higher-level access and view sensitive information they shouldn't be able to see.

Technical detail

CWE-842 Incorrect User Management in Dell PowerScale OneFS 9.0.0.x-9.4.0.x permits a network-based attacker with low privileges to escalate their access level and disclose restricted information through improper privilege boundary enforcement.

Summary generated and translated by AI from the official description.

Dell PowerScale OneFS 9.0.0.x-9.4.0.x contains an Incorrect User Management vulnerability. A low privileged network attacker could potentially exploit this vulnerability, leading to escalation of privileges, and information disclosure.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Affected products

Dell · PowerScale OneFS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.dell.com/support/kbdoc/en-us/000206357/dell-emc-powerscale-onefs-security-updates-for-multiple-security-vulnerabilities