PT-2022-22169 · Dell · Dell Powerscale Onefs

Published

2022-10-21

Updated

2022-10-24

CVE-2022-34438

CVSS v3.1

6.7

Medium

Vector

AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Dell PowerScale OneFS versions 8.2.x through 9.4.0.x

Description A privilege context switching error exists, allowing a local authenticated malicious user with high privileges to potentially exploit this issue, leading to full system compromise. This affects compliance mode clusters.

Recommendations For Dell PowerScale OneFS versions 8.2.x through 9.4.0.x, update to a version that contains a fix for this privilege context switching error to prevent full system compromise. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Privilege Management

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-269

Related Identifiers

CVE-2022-34438

Affected Products

Dell Powerscale Onefs

PT-2022-22169 · Dell · Dell Powerscale Onefs

CVE-2022-34438

Weakness Enumeration

Related Identifiers

Affected Products

References · 4