Dell PowerScale OneFS, 8.2.x-9.4.x, contain a command injection vulnerability. An authenticated user having access local shell and having the privilege to gather logs from the cluster could potentially exploit this vulnerability, leading to execute arbitrary commands, denial of service, information disclosure, and data deletion.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 07:28
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.dell.com/support/kbdoc/en-us/000206357/dell-emc-powerscale-onefs-security-updates-for-multiple-security-vulnerabilities - Vendor Advisory |
07 Nov 2023, 03:54
Type | Values Removed | Values Added |
---|---|---|
Summary | Dell PowerScale OneFS, 8.2.x-9.4.x, contain a command injection vulnerability. An authenticated user having access local shell and having the privilege to gather logs from the cluster could potentially exploit this vulnerability, leading to execute arbitrary commands, denial of service, information disclosure, and data deletion. |
Information
Published : 2023-02-01 05:15
Updated : 2024-11-21 07:28
NVD link : CVE-2022-45095
Mitre link : CVE-2022-45095
CVE.ORG link : CVE-2022-45095
JSON object : View
Products Affected
dell
- emc_powerscale_onefs
CWE
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')