Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-22555

Dell EMC PowerStore, contains an OS command injection Vulnerability. A locally authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the PowerStore underlying OS, with the privileges of the vulnerable application. Exploitation may lead to an elevation of privilege.

Published

2022-07-21T04:15:11.657

Last Modified

2024-11-21T06:47:01.060

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.0 (MEDIUM)

Weaknesses

Type: Secondary
CWE-78
Type: Primary
CWE-78

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	dell	emc_powerstore_500t_firmware	< 3.0.0.0-1732745	Yes
Hardware	dell	emc_powerstore_500t	-	No
Operating System	dell	emc_powerstore_1200t_firmware	< 3.0.0.0-1732745	Yes
Hardware	dell	emc_powerstore_1200t	-	No
Operating System	dell	emc_powerstore_3200t_firmware	< 3.0.0.0-1732745	Yes
Hardware	dell	emc_powerstore_3200t	-	No
Operating System	dell	emc_powerstore_5200t_firmware	< 3.0.0.0-1732745	Yes
Hardware	dell	emc_powerstore_5200t	-	No
Operating System	dell	emc_powerstore_9200t_firmware	< 3.0.0.0-1732745	Yes
Hardware	dell	emc_powerstore_9200t	-	No

References

https://www.dell.com/support/kbdoc/000201283 Vendor Advisory ([email protected])
https://www.dell.com/support/kbdoc/000201283 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)