High
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
CVE-2022-34369 | Dell PowerScale OneFS versions 9.0.0 up to and including 9.1.0.20, 9.2.1.13, 9.3.0.6, and 9.4.0.3 contain an insertion of sensitive information in log files vulnerability. A remote unprivileged attacker may potentially exploit this vulnerability, leading to exposure of this sensitive data. | 8.1 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
CVE-2022-34371 | Dell PowerScale OneFS versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.3 contain an unprotected transport of credentials vulnerability. A malicious unprivileged network attacker may potentially exploit this vulnerability, leading to full system compromise. | 8.1 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
CVE-2022-34378 | Dell PowerScale OneFS versions 9.0.0 up to and including 9.1.0.20, 9.2.1.13, 9.3.0.6, and 9.4.0.3 contain a relative path traversal vulnerability. A low privileged local attacker may potentially exploit this vulnerability, leading to denial of service. | 5.5 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
CVE-2022-34369 | Dell PowerScale OneFS versions 9.0.0 up to and including 9.1.0.20, 9.2.1.13, 9.3.0.6, and 9.4.0.3 contain an insertion of sensitive information in log files vulnerability. A remote unprivileged attacker may potentially exploit this vulnerability, leading to exposure of this sensitive data. | 8.1 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
CVE-2022-34371 | Dell PowerScale OneFS versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.3 contain an unprotected transport of credentials vulnerability. A malicious unprivileged network attacker may potentially exploit this vulnerability, leading to full system compromise. | 8.1 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
CVE-2022-34378 | Dell PowerScale OneFS versions 9.0.0 up to and including 9.1.0.20, 9.2.1.13, 9.3.0.6, and 9.4.0.3 contain a relative path traversal vulnerability. A low privileged local attacker may potentially exploit this vulnerability, leading to denial of service. | 5.5 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
CVEs Addressed | Product | Affected Versions | Updated Versions | Link to Update |
CVE-2022-34369 | Dell PowerScale OneFS | 9.1.0.0 through 9.1.0.20 9.2.1.0 through 9.2.1.13 9.3.0.0 through 9.3.0.6 9.4.0.0 through 9.4.0.3 Download and install the latest RUP and follow the additional steps in "Workarounds and Mitigations". |
>= 9.1.0.21 >= 9.2.1.14 >= 9.3.0.7 >= 9.4.0.4 |
PowerScale OneFS Downloads Area |
Any other version | Upgrade your version of PowerScale OneFS | |||
CVE-2022-34371 | Dell PowerScale OneFS | 9.1.0.0 through 9.1.0.19 9.2.1.0 through 9.2.1.12 9.3.0.0 through 9.3.0.6 9.4.0.0 through 9.4.0.3 Download and install the latest RUP and follow the additional steps in "Workarounds and Mitigations". |
>= 9.1.0.20 >= 9.2.1.13 >= 9.3.0.7 >= 9.4.0.4 |
|
Any other version | Upgrade your version of PowerScale OneFS | |||
CVE-2022-34378 | Dell PowerScale OneFS | 9.1.0.0 through 9.1.0.20 9.2.1.0 through 9.2.1.13 9.3.0.0 through 9.3.0.6 9.4.0.0 through 9.4.0.3 Download and install the latest RUP and follow the additional steps in "Workarounds and Mitigations". |
>= 9.1.0.21 >= 9.2.1.14 >= 9.3.0.7 >= 9.4.0.4 |
|
Any other version | Upgrade your version of PowerScale OneFS |
CVEs Addressed | Product | Affected Versions | Updated Versions | Link to Update |
CVE-2022-34369 | Dell PowerScale OneFS | 9.1.0.0 through 9.1.0.20 9.2.1.0 through 9.2.1.13 9.3.0.0 through 9.3.0.6 9.4.0.0 through 9.4.0.3 Download and install the latest RUP and follow the additional steps in "Workarounds and Mitigations". |
>= 9.1.0.21 >= 9.2.1.14 >= 9.3.0.7 >= 9.4.0.4 |
PowerScale OneFS Downloads Area |
Any other version | Upgrade your version of PowerScale OneFS | |||
CVE-2022-34371 | Dell PowerScale OneFS | 9.1.0.0 through 9.1.0.19 9.2.1.0 through 9.2.1.12 9.3.0.0 through 9.3.0.6 9.4.0.0 through 9.4.0.3 Download and install the latest RUP and follow the additional steps in "Workarounds and Mitigations". |
>= 9.1.0.20 >= 9.2.1.13 >= 9.3.0.7 >= 9.4.0.4 |
|
Any other version | Upgrade your version of PowerScale OneFS | |||
CVE-2022-34378 | Dell PowerScale OneFS | 9.1.0.0 through 9.1.0.20 9.2.1.0 through 9.2.1.13 9.3.0.0 through 9.3.0.6 9.4.0.0 through 9.4.0.3 Download and install the latest RUP and follow the additional steps in "Workarounds and Mitigations". |
>= 9.1.0.21 >= 9.2.1.14 >= 9.3.0.7 >= 9.4.0.4 |
|
Any other version | Upgrade your version of PowerScale OneFS |
CVE | Additional Mitigation |
CVE-2022-34369 | In addition to upgrading your version of Dell PowerScale OneFS or downloading and installing the latest RUP,
|
CVE-2022-34371 | In addition to upgrading your version of Dell PowerScale OneFS or downloading and installing the latest RUP,
|
Revision | Date | Description |
1.0 | 2022-08-04 | Initial Release |