First published: Wed Feb 01 2023(Updated: )
Dell PowerScale OneFS, 9.0.0.x-9.4.0.x, contain a cleartext storage of sensitive information vulnerability in S3 component. An authenticated local attacker could potentially exploit this vulnerability, leading to information disclosure.
Credit: security_alert@emc.com
Affected Software | Affected Version | How to fix |
---|---|---|
Dell EMC PowerScale OneFS | >=9.1.0.0<9.1.0.25 | |
Dell EMC PowerScale OneFS | >=9.2.1.0<9.2.1.18 | |
Dell EMC PowerScale OneFS | >=9.4.0.0<9.4.0.9 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-45098 is a vulnerability in Dell PowerScale OneFS 9.0.0.x-9.4.0.x that involves cleartext storage of sensitive information in the S3 component, allowing an authenticated local attacker to potentially disclose information.
CVE-2022-45098 has a severity score of 5.5, which is considered medium.
CVE-2022-45098 affects Dell PowerScale OneFS versions 9.0.0.x through 9.4.0.x.
An authenticated local attacker can exploit CVE-2022-45098 to gain access to cleartext stored sensitive information in the S3 component.
Yes, Dell has released security updates to address the vulnerability. Please refer to the Dell EMC PowerScale OneFS security updates for more information.