First published: Fri Oct 21 2022
Dell PowerScale OneFS, versions 8.2.2-9.3.0, contain an OS command injection vulnerability. A privileged local malicious user could potentially exploit this vulnerability, leading to a full system compromise. This impacts compliance mode clusters.
Credit: security_alert@emc.com
Affected Software | Affected Version | How to fix |
---|---|---|
Dell EMC PowerScale OneFS | >=9.1.0.0, <=9.1.0.21 | |
Dell EMC PowerScale OneFS | >=9.2.1.0, <=9.2.1.15 | |
Dell EMC PowerScale OneFS | >=9.3.0.0, <=9.3.0.7 | |
CVE-2022-34437 is an OS command injection vulnerability in Dell PowerScale OneFS versions 8.2.2-9.3.0.
A privileged local malicious user could exploit CVE-2022-34437, potentially compromising the entire system.
Dell PowerScale OneFS versions 8.2.2-9.3.0 are affected by CVE-2022-34437.
CVE-2022-34437 has a severity of medium, with a CVSS score of 6.7.
To fix CVE-2022-34437, apply the security update that Dell provides for PowerScale OneFS.