CVE-2022-22560

Summary

Dell EMC PowerScale OneFS 8.1.x - 9.1.x contain hard coded credentials. This allows a local user with knowledge of the credentials to login as the admin user to the backend ethernet switch of a PowerScale cluster. The attacker can exploit this vulnerability to take the switch offline.

Affected Software

VendorProductVersion RangeStatus
DellPowerScale OneFS8.1.x-9.2.1.xaffected

Weaknesses

  • CWE-798: CWE-798: Use of Hard-coded Credentials

ADP Enrichment

CVE Program Container

Additional References

References