CVE-2022-22557
Summary
| CVE | CVE-2022-22557 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-06-02 21:15:00 UTC |
| Updated | 2023-07-24 13:31:00 UTC |
| Description | PowerStore contains Plain-Text Password Storage Vulnerability in PowerStore X & T environments running versions 2.0.0.x and 2.0.1.x A locally authenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account. |
Risk And Classification
Problem Types: CWE-522
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Dell | Powerstoreos | All | All | All | All |
| Hardware | Dell | Powerstore T | - | All | All | All |
| Hardware | Dell | Powerstore X | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| DSA-2022-014: Dell EMC PowerStore Family Security Update for Multiple Vulnerabilities | Dell US | CONFIRM | www.dell.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.