CVE-2022-31233

MEDIUM

Unisphere for PowerMax <9.2.3.15 - Privilege Escalation

Title source: llm

Description

Unisphere for PowerMax versions before 9.2.3.15 contain a privilege escalation vulnerability. An adjacent malicious user may potentially exploit this vulnerability to escalate their privileges and access functionalities they do not have access to.

References (1)

[Patch, Vendor Advisory] https://www.dell.com/support/kbdoc/000200975

Scores

CVSS v3 6.3

EPSS 0.0011

EPSS Percentile 29.0%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N

Details

CWE

CWE-669 CWE-602

Status published

Products (8)

dell/evasa_provider_virtual_appliance < 9.2.3.7

dell/powermax_os 5978

dell/solutions_enabler < 9.2.3.4

dell/solutions_enabler_virtual_appliance < 9.2.3.4

dell/unisphere_360 < 9.2.3.6

dell/unisphere_for_powermax < 9.2.3.15

dell/unisphere_for_powermax_virtual_appliance < 9.2.3.15

dell/vasa < 9.2.3.15

Published Aug 31, 2022

Tracked Since Feb 18, 2026