CVE-2022-34375

Name of the Vulnerable Software and Affected Versions Dell Container Storage Modules version 1.2

Description The issue is related to a path traversal vulnerability in the goiscsi and gobrick libraries. A remote authenticated malicious user with low privileges could exploit this, leading to unintentional access to paths outside of the restricted directory.

Recommendations For Dell Container Storage Modules version 1.2, consider restricting access to the goiscsi and gobrick libraries until a patch is available. As a temporary workaround, limit the privileges of remote authenticated users to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.