DSA-2022-259: Dell Container Storage Modules Security Update for Multiple Vulnerabilities
요약: Dell Container Storage Modules remediation is available for gofsutil that may be exploited by malicious users to compromise the affected system.
이 문서는 다음에 적용됩니다.
이 문서는 다음에 적용되지 않습니다.
이 문서는 특정 제품과 관련이 없습니다.
모든 제품 버전이 이 문서에 나와 있는 것은 아닙니다.
영향
High
세부 정보
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2022-34427 | Dell Container Storage Modules 1.3 contains an operating system command injection in gofsutil library. A remote authenticated malicious user with low privileges may potentially exploit this vulnerability to run arbitrary operating system commands on the affected system. | 8.8 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
CVE-2022-34426 |
Dell Container Storage Modules 1.3 contains a path traversal vulnerability in gofsutil library. A remote authenticated malicious user with low privileges may potentially exploit this vulnerability leading to unintentional access to a path outside of restricted directory. | 8.8 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2022-34427 | Dell Container Storage Modules 1.3 contains an operating system command injection in gofsutil library. A remote authenticated malicious user with low privileges may potentially exploit this vulnerability to run arbitrary operating system commands on the affected system. | 8.8 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
CVE-2022-34426 |
Dell Container Storage Modules 1.3 contains a path traversal vulnerability in gofsutil library. A remote authenticated malicious user with low privileges may potentially exploit this vulnerability leading to unintentional access to a path outside of restricted directory. | 8.8 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
영향을 받는 제품 및 문제 해결
| CVEs Addressed | Product | Affected Versions | Updated Version | Link to Update |
| CVE-2022-34427 | Dell Container Storage Modules | Versions 1.9 and earlier | 1.10.0 | https://github.com/dell/gofsutil |
| CVE-2022-34426 |
| CVEs Addressed | Product | Affected Versions | Updated Version | Link to Update |
| CVE-2022-34427 | Dell Container Storage Modules | Versions 1.9 and earlier | 1.10.0 | https://github.com/dell/gofsutil |
| CVE-2022-34426 |
개정 내역
| Revision | Date | Description |
| 1.0 | 2022-09-15 | Initial Release |
관련 정보
법적 고지 사항
해당 제품
Container Storage Modules, Product Security Information문서 속성
문서 번호: 000203352
문서 유형: Dell Security Advisory
마지막 수정 시간: 18 9월 2025
다른 Dell 사용자에게 질문에 대한 답변 찾기
지원 서비스
디바이스에 지원 서비스가 적용되는지 확인하십시오.