CVE-2022-34427

Name of the Vulnerable Software and Affected Versions Dell Container Storage Modules version 1.2

Description The issue is related to an OS Command Injection in the goiscsi and gobrick libraries. A remote unauthenticated attacker could exploit this, leading to modification of intended OS command execution. Additionally, it is described as a vulnerability related to an uncontrolled DLL search path, which could allow a remote attacker to execute arbitrary code.

Recommendations For Dell Container Storage Modules version 1.2, consider disabling the goiscsi and gobrick libraries as a temporary workaround until a patch is available. Restrict access to the affected libraries to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.