CVE-2022-32480Initialization of a Resource with an Insecure Default in Dell Powerscale Onefs

CWE-1188Initialization of a Resource with an Insecure Default3 documents3 sources
Severity
6.5MEDIUMNVD
CNA4.3
EPSS
0.4%
top 41.09%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Dell Powerscale OnefsDell EMC Powerscale Onefs
Timeline
PublishedAug 22
Latest updateAug 23

Description

Dell PowerScale OneFS, versions 9.0.0, up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an insecure default initialization of a resource vulnerability. A remote authenticated attacker may potentially exploit this vulnerability, leading to information disclosure.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

CVEListV5dell/powerscale_onefsunspecified9.1.0.x, 9.2.0.x,, 9.2.1.x, 9.3.0.x
NVDdell/emc_powerscale_onefs9.1.0.09.1.0.19+3

🔴Vulnerability Details

2
GHSA
GHSA-4pmm-c3gr-wwj8: Dell PowerScale OneFS, versions 92022-08-23
CVEList
CVE-2022-32480: Dell PowerScale OneFS, versions 92022-08-22
CVE-2022-32480 — Dell Powerscale Onefs vulnerability | cvebase