CVE-2022-34453

Name of the Vulnerable Software and Affected Versions Dell XtremIO X2 XMS versions prior to 6-4-1.11

Description The issue is related to improper access control, allowing a remote read-only user to potentially exploit it and perform actions such as adding or deleting QoS policies, which are disabled by default.

Recommendations For versions prior to 6-4-1.11, update to version 6-4-1.11 or later to resolve the issue. As a temporary workaround, consider restricting access to QoS policy management to prevent unauthorized modifications until the update is applied.