CVE-2022-31229Information Exposure via Error Message in Dell Powerscale Onefs

CWE-209Information Exposure via Error Message3 documents3 sources
Severity
4.9MEDIUMNVD
CNA9.6
EPSS
0.3%
top 47.84%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Dell Powerscale Onefs
Timeline
PublishedJun 28
Latest updateJun 29

Description

Dell PowerScale OneFS, 8.2.x through 9.3.0.x, contain an error message with sensitive information. An administrator could potentially exploit this vulnerability, leading to disclosure of sensitive information. This sensitive information can be used to access sensitive resources.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:NExploitability: 1.2 | Impact: 3.6

Affected Packages2 packages

CVEListV5dell/powerscale_onefsunspecified8.2.x, 9.0.0.x, 9.1.0.x, 9.1.1.x, 9.2.0.x, 9.2.1.x, 9.3.0.x
NVDdell/powerscale_onefs8.2.09.3.0.0

🔴Vulnerability Details

2
GHSA
GHSA-jh3r-77v7-vr84: Dell PowerScale OneFS, 82022-06-29
CVEList
CVE-2022-31229: Dell PowerScale OneFS, 82022-06-28
CVE-2022-31229 — Information Exposure via Error Message | cvebase