PT-2023-15017 · Dell · Dell Vxrail

Published

2023-02-01

Updated

2023-02-08

CVE-2022-46756

CVSS v3.1

8.2

High

Vector

AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Dell VxRail versions prior to 7.0.410

Description The issue allows a local high-privileged attacker to potentially exploit a Container Escape Vulnerability, leading to the execution of arbitrary OS commands on the container's underlying OS. This could result in a system takeover by an attacker.

Recommendations For versions prior to 7.0.410, update to version 7.0.410 or later to resolve the issue. As a temporary workaround, consider restricting access to the container to minimize the risk of exploitation.

Fix

Exposure of Resource to Wrong Sphere

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-668

Related Identifiers

CVE-2022-46756

Affected Products

Dell Vxrail

PT-2023-15017 · Dell · Dell Vxrail

CVE-2022-46756

Weakness Enumeration

Related Identifiers

Affected Products

References · 4