First published: Fri Feb 10 2023
Dell PowerScale OneFS, versions 8.2.x through 9.4.x, contain multiple stored cross-site scripting vulnerabilities. A remote authenticated malicious user with high privileges may potentially exploit these vulnerabilities to store malicious HTML or JavaScript code through multiple affected fields.
Credit: security_alert@emc.com
Affected Software | Affected Version | How to fix |
---|---|---|
Dell EMC PowerScale OneFS | >=9.1.0.0<=9.1.0.23 | |
Dell EMC PowerScale OneFS | >=9.2.1.0<=9.2.1.16 | |
Dell EMC PowerScale OneFS | >=9.3.0.0<=9.3.0.7 | |
Dell EMC PowerScale OneFS | >=9.4.0.0<=9.4.0.4 | |
CVE-2022-33934 is a vulnerability in Dell PowerScale OneFS versions 8.2.x through 9.4.x that allows a remote authenticated malicious user to store malicious HTML or JavaScript code through multiple affected fields.
CVE-2022-33934 has a severity rating of 4.8 (high).
Dell PowerScale OneFS versions 8.2.x through 9.4.x are affected by CVE-2022-33934.
A remote authenticated user with high privileges can exploit CVE-2022-33934 by storing malicious HTML or JavaScript code through multiple affected fields.
Yes, Dell has provided a fix for CVE-2022-33934. Please refer to the Dell support page for more information.