CVE-2022-22555
6.7
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Exploitability: 0.8 / Impact: 5.9
Source: NVD
Description
Dell EMC PowerStore, contains an OS command injection Vulnerability. A locally authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the PowerStore underlying OS, with the privileges of the vulnerable application. Exploitation may lead to an elevation of privilege.
Affected (5)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.0.0.0-1732745 |
| Running on/with | Platform Versions |
|---|---|
Dell Emc Powerstore 500t | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.0.0.0-1732745 |
| Running on/with | Platform Versions |
|---|---|
Dell Emc Powerstore 1200t | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.0.0.0-1732745 |
| Running on/with | Platform Versions |
|---|---|
Dell Emc Powerstore 3200t | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.0.0.0-1732745 |
| Running on/with | Platform Versions |
|---|---|
Dell Emc Powerstore 5200t | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.0.0.0-1732745 |
| Running on/with | Platform Versions |
|---|---|
Dell Emc Powerstore 9200t | All versions |
References (2)
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.