CVE-2022-22555
Severity Score
6.7
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Dell EMC PowerStore, contains an OS command injection Vulnerability. A locally authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the PowerStore underlying OS, with the privileges of the vulnerable application. Exploitation may lead to an elevation of privilege.
Dell EMC PowerStore, contiene una vulnerabilidad de inyección de comandos del Sistema Operativo. Un atacante autenticado localmente podría potencialmente explotar esta vulnerabilidad, conllevando a una ejecución de comandos de SO arbitrarios en el SO subyacente de PowerStore, con los privilegios de la aplicación vulnerable. La explotación puede conllevar a una elevación de privilegios
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2022-01-04 CVE Reserved
- 2022-07-20 CVE Published
- 2024-02-08 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.dell.com/support/kbdoc/000201283 | 2022-08-01 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Dell Search vendor "Dell" | Emc Powerstore 500t Firmware Search vendor "Dell" for product "Emc Powerstore 500t Firmware" | < 3.0.0.0-1732745 Search vendor "Dell" for product "Emc Powerstore 500t Firmware" and version " < 3.0.0.0-1732745" | - |
Affected
| in | Dell Search vendor "Dell" | Emc Powerstore 500t Search vendor "Dell" for product "Emc Powerstore 500t" | - | - |
Safe
|
| Dell Search vendor "Dell" | Emc Powerstore 1200t Firmware Search vendor "Dell" for product "Emc Powerstore 1200t Firmware" | < 3.0.0.0-1732745 Search vendor "Dell" for product "Emc Powerstore 1200t Firmware" and version " < 3.0.0.0-1732745" | - |
Affected
| in | Dell Search vendor "Dell" | Emc Powerstore 1200t Search vendor "Dell" for product "Emc Powerstore 1200t" | - | - |
Safe
|
| Dell Search vendor "Dell" | Emc Powerstore 3200t Firmware Search vendor "Dell" for product "Emc Powerstore 3200t Firmware" | < 3.0.0.0-1732745 Search vendor "Dell" for product "Emc Powerstore 3200t Firmware" and version " < 3.0.0.0-1732745" | - |
Affected
| in | Dell Search vendor "Dell" | Emc Powerstore 3200t Search vendor "Dell" for product "Emc Powerstore 3200t" | - | - |
Safe
|
| Dell Search vendor "Dell" | Emc Powerstore 5200t Firmware Search vendor "Dell" for product "Emc Powerstore 5200t Firmware" | < 3.0.0.0-1732745 Search vendor "Dell" for product "Emc Powerstore 5200t Firmware" and version " < 3.0.0.0-1732745" | - |
Affected
| in | Dell Search vendor "Dell" | Emc Powerstore 5200t Search vendor "Dell" for product "Emc Powerstore 5200t" | - | - |
Safe
|
| Dell Search vendor "Dell" | Emc Powerstore 9200t Firmware Search vendor "Dell" for product "Emc Powerstore 9200t Firmware" | < 3.0.0.0-1732745 Search vendor "Dell" for product "Emc Powerstore 9200t Firmware" and version " < 3.0.0.0-1732745" | - |
Affected
| in | Dell Search vendor "Dell" | Emc Powerstore 9200t Search vendor "Dell" for product "Emc Powerstore 9200t" | - | - |
Safe
|