Dell EMC Powerscale OneFS 8.2.x - 9.2.x omit security-relevant information in /etc/master.passwd. A high-privileged user can exploit this vulnerability to not record information identifying the source of account information changes.
References
Link | Resource |
---|---|
https://www.dell.com/support/kbdoc/000196657 | Permissions Required Vendor Advisory |
https://www.dell.com/support/kbdoc/en-an/000197991/dell-emc-powerscale-onefs-security-update-for-multiple-component-vulnerabilities | Vendor Advisory |
Configurations
History
14 Apr 2022, 19:13
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
References | (MISC) https://www.dell.com/support/kbdoc/000196657 - Permissions Required, Vendor Advisory | |
CPE | cpe:2.3:o:dell:emc_powerscale_onefs:*:*:*:*:*:*:*:* | |
CWE | NVD-CWE-Other | |
CVSS |
v2 : v3 : |
v2 : 2.1
v3 : 4.4 |
First Time |
Dell
Dell emc Powerscale Onefs |
08 Apr 2022, 20:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-04-08 20:15
Updated : 2023-12-10 14:22
NVD link : CVE-2022-22563
Mitre link : CVE-2022-22563
CVE.ORG link : CVE-2022-22563
JSON object : View
Products Affected
dell
- emc_powerscale_onefs
CWE