CVE-2022-24413Time-of-check Time-of-use (TOCTOU) Race Condition in Dell EMC Powerscale Onefs

CWE-367Time-of-check Time-of-use (TOCTOU) Race Condition3 documents3 sources
Severity
3.6LOWNVD
CNA4.4
EPSS
0.0%
top 90.16%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Dell EMC Powerscale OnefsDell Powerscale Onefs
Timeline
PublishedApr 12
Latest updateApr 13

Description

Dell PowerScale OneFS, versions 8.2.2-9.3.x, contain a time-of-check-to-time-of-use vulnerability. A local user with access to the filesystem could potentially exploit this vulnerability, leading to data loss.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:LExploitability: 1.0 | Impact: 2.5

Affected Packages2 packages

NVDdell/emc_powerscale_onefs8.2.29.3.0
CVEListV5dell/powerscale_onefs8.2.2-9.3.x

🔴Vulnerability Details

2
GHSA
GHSA-pjv5-w3wg-mr2v: Dell PowerScale OneFS, versions 82022-04-13
CVEList
CVE-2022-24413: Dell PowerScale OneFS, versions 82022-04-12
CVE-2022-24413 — Dell vulnerability | cvebase