CVE-2022-33923

Name of the Vulnerable Software and Affected Versions Dell PowerStore versions prior to 3.0.0.0

Description The issue is an OS Command Injection vulnerability in the PowerStore T environment. A locally authenticated attacker could potentially exploit this, leading to the execution of arbitrary OS commands on the PowerStore underlying OS. This could result in a system takeover by an attacker.

Recommendations For versions prior to 3.0.0.0, update to version 3.0.0.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the PowerStore T environment to minimize the risk of exploitation.