Vulnerabilities > CVE-2022-26869 - Exposure of Resource to Wrong Sphere vulnerability in Dell Powerstoreos

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

dell

CWE-668

NVD

Published: 2022-06-02

Updated: 2022-06-13

Summary

Dell PowerStore versions 2.0.0.x, 2.0.1.x and 2.1.0.x contains an open port vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure and arbitrary code execution.

Vulnerable Configurations

Part	Description	Count
OS	Dell Dell Powerstoreos 2.0.0.0 Dell Powerstoreos 2.0.1.0 Dell Powerstoreos 2.0.1.1 Dell Powerstoreos 2.0.1.2 Dell Powerstoreos 2.0.1.3 Dell Powerstoreos 2.1.0.0 Dell Powerstoreos 2.1.0.1	7
Hardware	Dell Dell Powerstore X - Dell Powerstore T -	2

Common Weakness Enumeration (CWE)

CWE-668 - Exposure of Resource to Wrong Sphere

References

https://www.dell.com/support/kbdoc/000196367