CVE-2022-22561
https://notcve.org/view.php?id=CVE-2022-22561
Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contain an improper restriction of excessive authentication attempts. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to compromised accounts. Dell PowerScale OneFS, versiones 8.2.x-9.3.0.x, contienen una restricción inapropiada de intentos de autenticación excesivos. Un atacante remoto no autenticado podría explotar esta vulnerabilidad, conllevando a cuentas comprometidas • https://www.dell.com/support/kbdoc/000195815 • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVE-2022-22559
https://notcve.org/view.php?id=CVE-2022-22559
Dell PowerScale OneFS, version 9.3.0, contains a use of a broken or risky cryptographic algorithm. An unprivileged network attacker could exploit this vulnerability, leading to the potential for information disclosure. Dell PowerScale OneFS, versión 9.3.0, contiene un uso de un algoritmo criptográfico roto o arriesgado. Un atacante de red no privilegiado podría explotar esta vulnerabilidad, conllevando a una posibilidad de revelar información • https://www.dell.com/support/kbdoc/000195815 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVE-2022-22550
https://notcve.org/view.php?id=CVE-2022-22550
Dell PowerScale OneFS, versions 8.2.2 and above, contain a password disclosure vulnerability. An unprivileged local attacker could potentially exploit this vulnerability, leading to account take over. Dell PowerScale OneFS, versiones 8.2.2 y superiores, contienen una vulnerabilidad de divulgación de contraseñas. Un atacante local no privilegiado podría explotar esta vulnerabilidad, conllevando a una toma de la cuenta • https://www.dell.com/support/kbdoc/000195815 • CWE-522: Insufficiently Protected Credentials CWE-549: Missing Password Field Masking •
CVE-2022-22549
https://notcve.org/view.php?id=CVE-2022-22549
Dell PowerScale OneFS, 8.2.x-9.3.x, contains a Improper Certificate Validation. A unauthenticated remote attacker could potentially exploit this vulnerability, leading to a man-in-the-middle capture of administrative credentials. Dell PowerScale OneFS, versiones 8.2.x-9.3.x, contiene una comprobación inapropiada de certificados. Un atacante remoto no autenticado podría explotar esta vulnerabilidad, conllevando a una captura de credenciales administrativas por parte de un ataque de tipo man-in-the-middle • https://www.dell.com/support/kbdoc/en-us/000195815/dsa-2022-002-dell-emc-powerscale-onefs-security-update-for-multiple-vulnerabilities • CWE-295: Improper Certificate Validation •
CVE-2022-26855
https://notcve.org/view.php?id=CVE-2022-26855
Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contains an incorrect default permissions vulnerability. A local malicious user could potentially exploit this vulnerability, leading to a denial of service. Dell PowerScale OneFS, versiones 8.2.x-9.3.0.x, contiene una vulnerabilidad de permisos por defecto incorrectos. Un usuario local malicioso podría explotar esta vulnerabilidad, conllevando a una denegación de servicio • https://www.dell.com/support/kbdoc/en-us/000197991/dell-emc-powerscale-onefs-security-update-for-multiple-component-vulnerabilities • CWE-276: Incorrect Default Permissions •