CVE-2022-34445

MEDIUM

Dell Powerscale Onefs - Insufficiently Protected Credentials

Title source: rule

Description

Dell PowerScale OneFS, versions 8.2.x through 9.3.x contain a weak encoding for a password. A malicious local privileged attacker may potentially exploit this vulnerability, leading to information disclosure.

References (1)

[Vendor Advisory] https://www.dell.com/support/kbdoc/en-us/000205618/dsa-2022-271

Scores

CVSS v3 6.0

EPSS 0.0004

EPSS Percentile 13.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

Classification

CWE

CWE-261 CWE-522

Status published

Affected Products (18)

dell/powerscale_onefs

... and 3 more

Timeline

Published Feb 11, 2023

Tracked Since Feb 18, 2026