CVE-2022-45095
published 2023-02-01CVE-2022-45095: Dell PowerScale OneFS, 8.2.x-9.4.x, contain a command injection vulnerability. An authenticated user having access local shell and having the privilege to…
medium6.7CVSS 3.1
AVLACLPRHUINSUCHIHAH
Dell PowerScale OneFS, 8.2.x-9.4.x, contain a command injection vulnerability. An authenticated user having access local shell and having the privilege to gather logs from the cluster could potentially exploit this vulnerability, leading to execute arbitrary commands, denial of service, information disclosure, and data deletion.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dell | emc_powerscale_onefs | >= 9.1.0.0 < 9.1.0.25 | 9.1.0.25 |
| dell | emc_powerscale_onefs | >= 9.2.1.0 < 9.2.1.18 | 9.2.1.18 |
| dell | emc_powerscale_onefs | >= 9.4.0.0 < 9.4.0.9 | 9.4.0.9 |
| dell | powerscale_onefs | 8.2.x – 9.4.x | — |