Lucene search

DellCVELIST:CVE-2022-31233

HistoryAug 31, 2022 - 8:05 p.m.

CVE-2022-31233

2022-08-3120:05:14

CWE-602

dell

www.cve.org

unisphere

powermax

privilege escalation

vulnerability

cve-2022-31233

adjacent malicious user

escalate privileges

access functionalities.

CVSS3

6.3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N

EPSS

Percentile

12.6%

JSON

Unisphere for PowerMax versions before 9.2.3.15 contain a privilege escalation vulnerability. An adjacent malicious user may potentially exploit this vulnerability to escalate their privileges and access functionalities they do not have access to.

CNA Affected

[
  {
    "product": "Unisphere for PowerMax",
    "vendor": "Dell",
    "versions": [
      {
        "lessThan": "9.2.3.15",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

www.dell.com/support/kbdoc/000200975

CVSS3

6.3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N

EPSS

Percentile

12.6%

JSON

Related for CVELIST:CVE-2022-31233