First published: Wed Feb 01 2023
Dell PowerScale OneFS 9.1.0.x-9.4.0.x contains an insertion of sensitive information into log file vulnerability in the change password API. A low-privilege local attacker could potentially exploit this vulnerability, leading to system takeover.
Credit: security_alert@emc.com
Affected Software | Affected Version | How to fix |
---|---|---|
Dell EMC PowerScale OneFS | >=9.1.0.0 <9.1.0.27 | |
Dell EMC PowerScale OneFS | >=9.2.1.0 <9.2.1.20 | |
Dell EMC PowerScale OneFS | >=9.4.0.0 <9.4.0.11 | |
CVE-2023-22572 is a vulnerability in Dell PowerScale OneFS 9.1.0.x-9.4.0.x that allows for the insertion of sensitive information into a log file, potentially leading to system takeover.
The severity of CVE-2023-22572 is high, with a CVSS score of 7.8.
CVE-2023-22572 affects Dell PowerScale OneFS versions 9.1.0.x-9.4.0.x, allowing a low-privilege local attacker to exploit the vulnerability and potentially take over the system.
To fix CVE-2023-22572, it is recommended to apply the security updates provided by Dell for PowerScale OneFS, which can be found at the referenced link.
More information about CVE-2023-22572 can be found in the Dell PowerScale OneFS security updates documentation at the referenced link.