Vulnerability Details CVE-2022-45095
Dell PowerScale OneFS, 8.2.x-9.4.x, contain a command injection vulnerability. An authenticated user having access local shell and having the privilege to gather logs from the cluster could potentially exploit this vulnerability, leading to execute arbitrary commands, denial of service, information disclosure, and data deletion.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 21.4%
CVSS Severity
CVSS v3 Score 6.7
References
Products affected by CVE-2022-45095
-
cpe:2.3:o:dell:emc_powerscale_onefs:9.1.0.0
-
cpe:2.3:o:dell:emc_powerscale_onefs:9.1.0.21
-
cpe:2.3:o:dell:emc_powerscale_onefs:9.1.0.24
-
cpe:2.3:o:dell:emc_powerscale_onefs:9.2.1.0
-
cpe:2.3:o:dell:emc_powerscale_onefs:9.2.1.17
-
cpe:2.3:o:dell:emc_powerscale_onefs:9.4.0.0
-
cpe:2.3:o:dell:emc_powerscale_onefs:9.4.0.2
-
cpe:2.3:o:dell:emc_powerscale_onefs:9.4.0.8