Vulnerabilities > CVE-2022-26869 - Exposure of Resource to Wrong Sphere vulnerability in Dell Powerstoreos

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

dell

CWE-668

critical

NVD

Published: 2022-06-02

Updated: 2022-06-13

Summary

Dell PowerStore versions 2.0.0.x, 2.0.1.x and 2.1.0.x contains an open port vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure and arbitrary code execution.

Vulnerable Configurations

Part	Description	Count
OS	Dell Dell Powerstoreos 2.0.0.0 Dell Powerstoreos 2.0.1.0 Dell Powerstoreos 2.0.1.1 Dell Powerstoreos 2.0.1.2 Dell Powerstoreos 2.0.1.3 Dell Powerstoreos 2.1.0.0 Dell Powerstoreos 2.1.0.1	7
Hardware	Dell Dell Powerstore T - Dell Powerstore X -	2

Common Weakness Enumeration (CWE)

CWE-668 - Exposure of Resource to Wrong Sphere

References

https://www.dell.com/support/kbdoc/000196367