CVE-2022-34374

Name of the Vulnerable Software and Affected Versions Dell Container Storage Modules version 1.2

Description The issue is related to an OS command injection in the goiscsi and gobrick libraries. A remote authenticated malicious user with low privileges could exploit this, leading to the execution of arbitrary OS commands on the affected system.

Recommendations For Dell Container Storage Modules version 1.2, consider restricting access to the goiscsi and gobrick libraries until a patch is available. As a temporary workaround, limit the privileges of remote authenticated users to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.