← Zuruck zu CVEs
CVE-2022-29098
HIGH8.1
Beschreibung
Dell PowerScale OneFS versions 8.2.0.x through 9.3.0.x, contain a weak password requirement vulnerability. An administrator may create an account with no password. A remote attacker may potentially exploit this leading to a user account compromise.
CVE Details
CVSS v3.1 Bewertung8.1
SchweregradHIGH
CVSS VektorCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
AngriffsvektorNETWORK
KomplexitatHIGH
Erforderliche PrivilegienNONE
BenutzerinteraktionNONE
Veroffentlicht6/1/2022
Zuletzt geandert2/20/2026
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
dell:powerscale_onefs
Schwachen (CWE)
CWE-521CWE-521
Referenzen
https://www.dell.com/support/kbdoc/en-us/000200128/dsa-2022-082-dell-emc-powerscale-onefs-security-update?lang=en(security_alert@emc.com)
https://www.dell.com/support/kbdoc/en-us/000200128/dsa-2022-082-dell-emc-powerscale-onefs-security-update?lang=en(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.