CVE-2022-24411

Summary

Dell PowerScale OneFS 8.2.2 and above contain an elevation of privilege vulnerability. A local attacker with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE could potentially exploit this vulnerability, leading to elevation of privilege. This could potentially allow users to circumvent PowerScale Compliance Mode guarantees.

Affected Software

VendorProductVersion RangeStatus
DellPowerScale OneFS8.2.2 - 9.3.0.xaffected

Weaknesses

  • CWE-378: CWE-378: Creation of Temporary File With Insecure Permissions

ADP Enrichment

CVE Program Container

Additional References

References