Command Injection Vulnerability in Dell PowerScale OneFS

Command Injection Vulnerability in Dell PowerScale OneFS

CVE-2022-45095 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Dell PowerScale OneFS, 8.2.x-9.4.x, contain a command injection vulnerability. An authenticated user having access local shell and having the privilege to gather logs from the cluster could potentially exploit this vulnerability, leading to execute arbitrary commands, denial of service, information disclosure, and data deletion.

Learn more about our User Device Pen Test.