HIGH🇵🇱 Wersja polska

CVE-2022-22557

CVSS 7.5v3.1pub. 2022-06-02upd. 2024-11-21

PowerStore contains Plain-Text Password Storage Vulnerability in PowerStore X & T environments running versions 2.0.0.x and 2.0.1.x A locally authenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.

CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
  • Dell Powerstoreos

    OS
    Dell
    2.0.0.0 – 2.1.0.0 (bez)2.0.0.0 – 2.1.1.0 (bez)
  • Dell Powerstore T

    HW
    Dell
    wszystkie wersje
  • Dell Powerstore X

    HW
    Dell
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2023-32478CRITICAL9.0ten sam produkt

Dell PowerStore versions prior to 3.5.0.1 contain an insertion of sensitive information into log file vulnera...

CVE-2022-26869CRITICAL9.8ten sam produkt

Dell PowerStore versions 2.0.0.x, 2.0.1.x and 2.1.0.x contains an open port vulnerability. A remote unauthenti...

CVE-2024-51532HIGH7.1ten sam produkt

Dell PowerStore contains an Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')...

CVE-2022-26870HIGH7.0ten sam produkt

Dell PowerStore versions 2.1.0.x contain an Authentication bypass vulnerability. A remote unauthenticated atta...

CVE-2026-28265MEDIUM4.4ten sam produkt

PowerStore, contains a Path Traversal vulnerability in the Service user. A low privileged attacker with local ...