CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-29098

Dell PowerScale OneFS versions 8.2.0.x through 9.3.0.x, contain a weak password requirement vulnerability. An administrator may create an account with no password. A remote attacker may potentially exploit this leading to a user account compromise.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 49.2%

CVSS Severity

CVSS v3 Score 8.1

CVSS v2 Score 5.0

References

https://www.dell.com/support/kbdoc/en-us/000200128/dsa-2022-082-dell-emc-powerscale-onefs-security-update?lang=en
https://www.dell.com/support/kbdoc/en-us/000200128/dsa-2022-082-dell-emc-powerscale-onefs-security-update?lang=en

Products affected by CVE-2022-29098

Dell » Powerscale Onefs » Version: 9.0.0

cpe:2.3:a:dell:powerscale_onefs:9.0.0
Dell » Powerscale Onefs » Version: 9.1.0

cpe:2.3:a:dell:powerscale_onefs:9.1.0
Dell » Powerscale Onefs » Version: 9.1.1

cpe:2.3:a:dell:powerscale_onefs:9.1.1
Dell » Powerscale Onefs » Version: 9.2.0

cpe:2.3:a:dell:powerscale_onefs:9.2.0
Dell » Powerscale Onefs » Version: 9.2.1

cpe:2.3:a:dell:powerscale_onefs:9.2.1
Dell » Powerscale Onefs » Version: 9.3.0

cpe:2.3:a:dell:powerscale_onefs:9.3.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-29098

Products

Pricing

Contact Us