CVE-2022-31234
Severity Score
9.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Dell EMC PowerStore, contain(s) an Improper Restriction of Excessive Authentication Attempts Vulnerability in PowerStore Manager GUI. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to password brute-forcing. Account takeover is possible if weak passwords are used by users.
Dell EMC PowerStore, contiene una vulnerabilidad de restricción inapropiada de intentos de autenticación excesivos en la GUI de PowerStore Manager. Un atacante remoto no autenticado podría explotar esta vulnerabilidad, conllevando a forzar la contraseña. La toma de control de la cuenta es posible si los usuarios usan contraseñas débiles
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2022-05-19 CVE Reserved
- 2022-07-20 CVE Published
- 2024-09-16 CVE Updated
- 2024-10-11 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-307: Improper Restriction of Excessive Authentication Attempts
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.dell.com/support/kbdoc/000201283 | 2022-07-30 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Dell Search vendor "Dell" | Emc Powerstore 500t Firmware Search vendor "Dell" for product "Emc Powerstore 500t Firmware" | < 3.0.0.0-1732745 Search vendor "Dell" for product "Emc Powerstore 500t Firmware" and version " < 3.0.0.0-1732745" | - |
Affected
| in | Dell Search vendor "Dell" | Emc Powerstore 500t Search vendor "Dell" for product "Emc Powerstore 500t" | - | - |
Safe
|
| Dell Search vendor "Dell" | Emc Powerstore 1200t Firmware Search vendor "Dell" for product "Emc Powerstore 1200t Firmware" | < 3.0.0.0-1732745 Search vendor "Dell" for product "Emc Powerstore 1200t Firmware" and version " < 3.0.0.0-1732745" | - |
Affected
| in | Dell Search vendor "Dell" | Emc Powerstore 1200t Search vendor "Dell" for product "Emc Powerstore 1200t" | - | - |
Safe
|
| Dell Search vendor "Dell" | Emc Powerstore 3200t Firmware Search vendor "Dell" for product "Emc Powerstore 3200t Firmware" | < 3.0.0.0-1732745 Search vendor "Dell" for product "Emc Powerstore 3200t Firmware" and version " < 3.0.0.0-1732745" | - |
Affected
| in | Dell Search vendor "Dell" | Emc Powerstore 3200t Search vendor "Dell" for product "Emc Powerstore 3200t" | - | - |
Safe
|
| Dell Search vendor "Dell" | Emc Powerstore 5200t Firmware Search vendor "Dell" for product "Emc Powerstore 5200t Firmware" | < 3.0.0.0-1732745 Search vendor "Dell" for product "Emc Powerstore 5200t Firmware" and version " < 3.0.0.0-1732745" | - |
Affected
| in | Dell Search vendor "Dell" | Emc Powerstore 5200t Search vendor "Dell" for product "Emc Powerstore 5200t" | - | - |
Safe
|
| Dell Search vendor "Dell" | Emc Powerstore 9200t Firmware Search vendor "Dell" for product "Emc Powerstore 9200t Firmware" | < 3.0.0.0-1732745 Search vendor "Dell" for product "Emc Powerstore 9200t Firmware" and version " < 3.0.0.0-1732745" | - |
Affected
| in | Dell Search vendor "Dell" | Emc Powerstore 9200t Search vendor "Dell" for product "Emc Powerstore 9200t" | - | - |
Safe
|