CVE-2022-23159
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Dell PowerScale OneFS, 8.2.2 - 9.3.0.x, contain a missing release of memory after effective lifetime vulnerability. An authenticated user with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE and ISI_PRIV_AUTH_PROVIDERS privileges could exploit this vulnerability, leading to a Denial-Of-Service. This can also impact a cluster in Compliance mode. Dell recommends to update at the earliest opportunity.
Dell PowerScale OneFS, 8.2.2 - 9.3.0.x, contiene una vulnerabilidad de falta de liberación de memoria después del tiempo de vida efectivo. Un usuario autenticado con privilegios ISI_PRIV_LOGIN_SSH y/o ISI_PRIV_LOGIN_CONSOLE e ISI_PRIV_AUTH_PROVIDERS podría aprovechar esta vulnerabilidad, conllevando a una denegación de servicio. Esto también puede afectar a un clúster en modo de cumplimiento. Dell recomienda actualizar lo antes posible
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-01-11 CVE Reserved
- 2022-04-12 CVE Published
- 2023-11-03 EPSS Updated
- 2024-09-17 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-401: Missing Release of Memory after Effective Lifetime
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.dell.com/support/kbdoc/000196009 | 2022-04-20 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Dell Search vendor "Dell" | Emc Powerscale Onefs Search vendor "Dell" for product "Emc Powerscale Onefs" | >= 8.2.2 <= 9.3.0 Search vendor "Dell" for product "Emc Powerscale Onefs" and version " >= 8.2.2 <= 9.3.0" | - |
Affected
| ||||||