CVE-2023-22573

Name of the Vulnerable Software and Affected Versions Dell PowerScale OneFS versions 9.0.0.x through 9.4.0.x

Description The issue is related to the insertion of sensitive information into log files in cloudpool, which could be exploited by a low-privileged local attacker, leading to sensitive information disclosure.

Recommendations For versions 9.0.0.x through 9.4.0.x, consider restricting access to log files to minimize the risk of sensitive information disclosure until a patch is available. As a temporary workaround, consider disabling the cloudpool feature until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.