CVE-2022-22563 MEDIUM

CVE-2022-22563

Vendor Dell
Product PowerScale OneFS
Weakness CWE-223
Published April 8, 2022
Last update September 16, 2024

CVSS base score

4.4/10
Attack vector Local
Attack complexity Low
Privileges required High
User interaction None
Confidentiality None
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

What the vulnerability does

01Description

Dell EMC Powerscale OneFS 8.2.x - 9.2.x omit security-relevant information in /etc/master.passwd. A high-privileged user can exploit this vulnerability to not record information identifying the source of account information changes.

Key dates

02Disclosure timeline

April 8, 2022 CVE published
September 16, 2024 Record updated