Vulnerabilities > CVE-2022-34453 - Unspecified vulnerability in Dell Xtremio X2 Firmware

CVSS 7.1 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

LOW

Availability impact

HIGH

network

low complexity

dell

NVD

Published: 2023-08-03

Updated: 2023-08-08

Summary

Dell XtremIO X2 XMS versions prior to 6-4-1.11 contain an improper access control vulnerability. A remote read only user could potentially exploit this vulnerability to perform add/delete QoS policies which are disabled by default.

Vulnerable Configurations

Part	Description	Count
OS	Dell Dell Xtremio X2 Firmware *	1
Hardware	Dell Dell Xtremio X2 -	1

References

https://www.dell.com/support/kbdoc/en-us/000204809/dsa-2022-290-dell-xtremio-x2-security-advisory-for-xms-gui?lang=en