Vulnerability Details CVE-2023-22572
Dell PowerScale OneFS 9.1.0.x-9.4.0.x contain an insertion of sensitive information into log file vulnerability in change password api. A low privilege local attacker could potentially exploit this vulnerability, leading to system takeover.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 16.5%
CVSS Severity
CVSS v3 Score 7.8
References
Products affected by CVE-2023-22572
-
cpe:2.3:o:dell:emc_powerscale_onefs:9.1.0.0
-
cpe:2.3:o:dell:emc_powerscale_onefs:9.1.0.21
-
cpe:2.3:o:dell:emc_powerscale_onefs:9.1.0.24
-
cpe:2.3:o:dell:emc_powerscale_onefs:9.1.0.25
-
cpe:2.3:o:dell:emc_powerscale_onefs:9.1.0.26
-
cpe:2.3:o:dell:emc_powerscale_onefs:9.2.1.0
-
cpe:2.3:o:dell:emc_powerscale_onefs:9.2.1.17
-
cpe:2.3:o:dell:emc_powerscale_onefs:9.2.1.18
-
cpe:2.3:o:dell:emc_powerscale_onefs:9.2.1.19
-
cpe:2.3:o:dell:emc_powerscale_onefs:9.4.0.0
-
cpe:2.3:o:dell:emc_powerscale_onefs:9.4.0.10
-
cpe:2.3:o:dell:emc_powerscale_onefs:9.4.0.2
-
cpe:2.3:o:dell:emc_powerscale_onefs:9.4.0.8
-
cpe:2.3:o:dell:emc_powerscale_onefs:9.4.0.9