CVE-2022-45095
CVSS V2 None
CVSS V3 None
Description
Dell PowerScale OneFS, 8.2.x-9.4.x, contain a command injection vulnerability. An authenticated user having access local shell and having the privilege to gather logs from the cluster could potentially exploit this vulnerability, leading to execute arbitrary commands, denial of service, information disclosure, and data deletion.
Overview
- CVE ID
- CVE-2022-45095
- Assigner
- security_alert@emc.com
- Vulnerability Status
- Analyzed
- Published Version
- 2023-02-01T05:15:12
- Last Modified Date
- 2023-02-08T15:42:50
Weakness Enumerations
CPE Configuration (Product)
| CPE | Vulnerable | Operator | Version Start | Version End |
|---|---|---|---|---|
| cpe:2.3:o:dell:emc_powerscale_onefs:*:*:*:*:*:*:*:* | 1 | OR | 9.1.0.0 | 9.1.0.25 |
| cpe:2.3:o:dell:emc_powerscale_onefs:*:*:*:*:*:*:*:* | 1 | OR | 9.2.1.0 | 9.2.1.18 |
| cpe:2.3:o:dell:emc_powerscale_onefs:*:*:*:*:*:*:*:* | 1 | OR | 9.4.0.0 | 9.4.0.9 |
References
| Reference URL | Reference Tags |
|---|---|
| https://www.dell.com/support/kbdoc/en-us/000206357/dell-emc-powerscale-onefs-security-updates-for-multiple-security-vulnerabilities | Vendor Advisory |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2022-45095 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45095 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2023-04-17 07:02:06 | Added to TrackCVE | |||
| 2023-04-17 07:02:09 | Weakness Enumeration | new |