CVE-2022-45098

CWE-532Log File Information ExposureCWE-312Cleartext Storage of Sensitive Info3 documents3 sources
Severity
5.5MEDIUM
EPSS
0.0%
top 92.08%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Dell EMC Powerscale OnefsDell Powerscale Onefs
Timeline
PublishedFeb 1

Description

Dell PowerScale OneFS, 9.0.0.x-9.4.0.x, contain a cleartext storage of sensitive information vulnerability in S3 component. An authenticated local attacker could potentially exploit this vulnerability, leading to information disclosure.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:LExploitability: 1.3 | Impact: 4.7

Affected Packages2 packages

NVDdell/emc_powerscale_onefs9.1.0.09.1.0.25+2
CVEListV5dell/powerscale_onefs9.0.0.x0.4.0.x

🔴Vulnerability Details

2
CVEList
CVE-2022-45098: Dell PowerScale OneFS, 92023-02-01
GHSA
GHSA-64rg-7pf2-5p8v: Dell PowerScale OneFS, 92023-02-01
CVE-2022-45098 (MEDIUM CVSS 5.5) | Dell PowerScale OneFS | cvebase.io