← Back

CVE-2022-31237

nvd nist
Published: Aug 22, 2022Modified: Nov 21, 2024

JSON object

Loading...
3.3
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Exploitability: 1.8 / Impact: 1.4
Source: NVD

Description

Dell PowerScale OneFS, versions 9.2.0 up to and including 9.2.1.12 and 9.3.0.5 contain an improper preservation of permissions vulnerability in SyncIQ. A low privileged local attacker may potentially exploit this vulnerability, leading to limited information disclosure.

Affected (2)

Dell
1 product
Emc Powerscale Onefs
Configuration A
2 vulnerable
Vulnerable SoftwareAffected Versions
Dell
Emc Powerscale Onefs
From 9.2.0 to 9.2.1.12
Emc Powerscale Onefs
From 9.3.0.0 to 9.3.0.6

Related CWEs

CWE-281
Improper Preservation of Permissions
The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.

References (2)

Source: security_alert@emc.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.