DSA-2022-259: Dell Container Storage Modules Security Update for Multiple Vulnerabilities
Resumen: Dell Container Storage Modules remediation is available for gofsutil that may be exploited by malicious users to compromise the affected system.
Este artículo se aplica a
Este artículo no se aplica a
Este artículo no está vinculado a ningún producto específico.
No se identifican todas las versiones del producto en este artículo.
Impacto
High
Detalles
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2022-34427 | Dell Container Storage Modules 1.3 contains an operating system command injection in gofsutil library. A remote authenticated malicious user with low privileges may potentially exploit this vulnerability to run arbitrary operating system commands on the affected system. | 8.8 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
CVE-2022-34426 |
Dell Container Storage Modules 1.3 contains a path traversal vulnerability in gofsutil library. A remote authenticated malicious user with low privileges may potentially exploit this vulnerability leading to unintentional access to a path outside of restricted directory. | 8.8 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2022-34427 | Dell Container Storage Modules 1.3 contains an operating system command injection in gofsutil library. A remote authenticated malicious user with low privileges may potentially exploit this vulnerability to run arbitrary operating system commands on the affected system. | 8.8 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
CVE-2022-34426 |
Dell Container Storage Modules 1.3 contains a path traversal vulnerability in gofsutil library. A remote authenticated malicious user with low privileges may potentially exploit this vulnerability leading to unintentional access to a path outside of restricted directory. | 8.8 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Corrección y productos afectados
| CVEs Addressed | Product | Affected Versions | Updated Version | Link to Update |
| CVE-2022-34427 | Dell Container Storage Modules | Versions 1.9 and earlier | 1.10.0 | https://github.com/dell/gofsutil |
| CVE-2022-34426 |
| CVEs Addressed | Product | Affected Versions | Updated Version | Link to Update |
| CVE-2022-34427 | Dell Container Storage Modules | Versions 1.9 and earlier | 1.10.0 | https://github.com/dell/gofsutil |
| CVE-2022-34426 |
Historial de revisiones
| Revision | Date | Description |
| 1.0 | 2022-09-15 | Initial Release |
Información relacionada
Descargo de responsabilidad
Productos afectados
Container Storage Modules, Product Security InformationPropiedades del artículo
Número del artículo: 000203352
Tipo de artículo: Dell Security Advisory
Última modificación: 18 sept 2025
Encuentre respuestas a sus preguntas de otros usuarios de Dell
Servicios de soporte
Compruebe si el dispositivo está cubierto por los servicios de soporte.