CVE-2022-22563
First published: Fri Apr 08 2022(Updated: )
Dell EMC Powerscale OneFS 8.2.x - 9.2.x omit security-relevant information in /etc/master.passwd. A high-privileged user can exploit this vulnerability to not record information identifying the source of account information changes.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dell EMC PowerScale OneFS | >=8.2.0<=9.3.0.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-22563?
CVE-2022-22563 is a vulnerability in Dell EMC Powerscale OneFS 8.2.x - 9.2.x that omits security-relevant information in /etc/master.passwd, allowing a high-privileged user to exploit it.
How does CVE-2022-22563 affect Dell EMC Powerscale OneFS?
CVE-2022-22563 affects Dell EMC Powerscale OneFS 8.2.x - 9.2.x by omitting security-relevant information in /etc/master.passwd.
What is the severity of CVE-2022-22563?
CVE-2022-22563 has a severity rating of 4.4 (medium).
How can a high-privileged user exploit CVE-2022-22563?
A high-privileged user can exploit CVE-2022-22563 by not recording information identifying the source of account information changes.
How can I fix CVE-2022-22563 in Dell EMC Powerscale OneFS?
To fix CVE-2022-22563 in Dell EMC Powerscale OneFS, you should install the Dell EMC Powerscale OneFS security update for multiple component vulnerabilities. Please refer to the Dell EMC support website for more information and instructions.
- collector/nvd-index
- agent/weakness
- agent/author
- agent/severity
- agent/references
- agent/description
- agent/type
- agent/event
- agent/last-modified-date
- agent/tags
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/dell
- canonical/dell emc powerscale onefs
- version/dell emc powerscale onefs/8.2.0
- version/dell emc powerscale onefs/9.3.0.0