CVE-2022-22550
EUVD-2022-2769612.04.2022, 18:15
Dell PowerScale OneFS, versions 8.2.2 and above, contain a password disclosure vulnerability. An unprivileged local attacker could potentially exploit this vulnerability, leading to account take over.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| dell | emc_powerscale_onefs | 8.2.2 ≤ 𝑥 ≤ 9.3.0 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-549 - Missing Password Field MaskingThe software does not mask passwords during entry, increasing the potential for attackers to observe and capture passwords.
- CWE-522 - Insufficiently Protected CredentialsThe product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.