PT-2022-18103 · Dell · Dell Powerscale Onefs

Published

2022-04-08

Updated

2022-04-14

CVE-2022-26854

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Dell PowerScale OneFS versions 8.2.x through 9.2.x

Description The issue concerns the use of risky cryptographic algorithms in the software, which could be exploited by a remote unprivileged malicious attacker to gain full system access.

Recommendations For Dell PowerScale OneFS versions 8.2.x through 9.2.x, consider updating to a version that uses secure cryptographic algorithms to mitigate the risk of exploitation. As a temporary workaround, restrict access to sensitive areas of the system to minimize the risk of full system access by a malicious attacker.

Fix

Use of a Broken Cryptographic Algorithm

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-327

Related Identifiers

CVE-2022-26854

Affected Products

Dell Powerscale Onefs

PT-2022-18103 · Dell · Dell Powerscale Onefs

CVE-2022-26854

Weakness Enumeration

Related Identifiers

Affected Products

References · 5