CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2022/07/21 4:15 a.m.•17 views

CVE-2022-22555

6.7CVSS0.0085EPSS

Prion•added 2022/07/21 4:15 a.m.•17 views

Design/Logic Flaw

Dell EMC PowerStore, Versions prior to v3.0.0.0 contain a DLL Hijacking vulnerability in PSTCLI. A local attacker can potentially exploit this vulnerability to execute arbitrary code, escalate privileges, and bypass software allow list solutions, leading to system takeover or IP exposure...

4.4CVSS7.9AI score0.00176EPSS

Prion•added 2022/07/21 4:15 a.m.•18 views

Authentication flaw

Dell EMC PowerStore, contains an Improper Restriction of Excessive Authentication Attempts Vulnerability in PowerStore Manager GUI. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to password brute-forcing. Account takeover is possible if weak passwords are...

7.5CVSS9.4AI score0.00867EPSS

Exploits0References1Affected Software5

Prion•added 2022/07/21 4:15 a.m.•14 views

Command injection

4CVSS7AI score0.0085EPSS

Exploits0References1Affected Software5

Prion•added 2022/07/21 4:15 a.m.•9 views

Command injection

Dell PowerStore, versions prior to 3.0.0.0, contains an OS Command Injection vulnerability in PowerStore T environment. A locally authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS command on the PowerStore underlying OS. Exploiting may...

4.3CVSS7.9AI score0.00376EPSS

Exploits0References1Affected Software5

CNNVD•added 2022/07/21 12:0 a.m.•2 views

Dell EMC PowerStore 操作系统命令注入漏洞

Dell EMC PowerStore is a storage device from Dell, Inc.Pow is an open source, complete authentication and user management library built into Elixir that works out-of-the-box for Phoenix and Plug-based applications while being fully customizable. A security vulnerability exists in the Dell EMC...

6.7CVSS7.1AI score0.0085EPSS

CNNVD•added 2022/07/21 12:0 a.m.•2 views

Dell EMC PowerStore 安全漏洞

Dell EMC PowerStore is a storage device from Dell Inc. in the United States. A security vulnerability in the PowerStore Manager GUI component of the Dell EMC PowerStore, which stems from Authentication without reasonably limiting the number of authentications allows an unauthenticated remote...

9.8CVSS8.3AI score0.00867EPSS

CNNVD•added 2022/07/21 12:0 a.m.•3 views

Dell EMC PowerStore 代码问题漏洞

Dell EMC PowerStore is a storage device from Dell USA. A security vulnerability exists in Dell EMC PowerStore v3.0.0.0 and earlier versions, which originates from a DLL hijacking vulnerability that can be exploited by an attacker to execute arbitrary code, elevate privileges, and bypass software...

7.8CVSS7.7AI score0.00176EPSS

CNNVD•added 2022/07/21 12:0 a.m.•3 views

Dell EMC PowerStore 操作系统命令注入漏洞

Dell EMC PowerStore is a storage device from Dell, Inc. A security vulnerability exists in Dell EMC PowerStore versions prior to 3.0.0.0, which stems from an operating system command injection vulnerability contained in the PowerStore T environment, which could be exploited by a...

7.8CVSS7.5AI score0.00376EPSS

Cvelist•added 2022/07/20 8:55 p.m.•20 views

CVE-2022-33923

6.4CVSS8.1AI score0.00376EPSS

CVE•added 2022/07/20 8:55 p.m.•78 views

CVE-2022-33923

Dell PowerStore T: OS Command Injection in versions prior to 3.0.0.0. A locally authenticated attacker could execute arbitrary commands on the underlying OS, potentially taking over the system. Affected component is the PowerStore T environment; root cause is an OS command-injection vulnerability...

7.8CVSS7.8AI score0.00376EPSS

Cvelist•added 2022/07/20 8:55 p.m.•22 views

CVE-2022-32498

5.5CVSS8.1AI score0.00176EPSS

CVE•added 2022/07/20 8:55 p.m.•63 views

CVE-2022-32498

Summary: CVE-2022-32498 affects Dell EMC PowerStore before v3.0.0.0, with a DLL hijacking vulnerability in PSTCLI. A local attacker can potentially exploit this to execute arbitrary code, escalate privileges, and bypass software allow lists, potentially leading to system takeover or IP exposure. ...

7.8CVSS7.9AI score0.00176EPSS

Cvelist•added 2022/07/20 8:55 p.m.•20 views

CVE-2022-31234

8.1CVSS9.7AI score0.00867EPSS

CVE•added 2022/07/20 8:55 p.m.•66 views

CVE-2022-31234

Affected product/component: Dell EMC PowerStore Manager GUI. Root cause / vulnerability type: Improper restriction of excessive authentication attempts. Impact: Remote unauthenticated attacker could brute-force passwords, potentially leading to account takeover if weak passwords are used. Exploit...

9.8CVSS9.4AI score0.00867EPSS

Cvelist•added 2022/07/20 8:55 p.m.•19 views

CVE-2022-22555

6CVSS7.2AI score0.0085EPSS

CVE•added 2022/07/20 8:55 p.m.•51 views

CVE-2022-22555

CVE-2022-22555 – Dell EMC PowerStore OS command injection : A locally authenticated attacker could exploit a vulnerability in the PowerStore OS to run arbitrary OS commands with the vulnerable application’s privileges, potentially leading to privilege escalation. Affected product is Dell EMC Powe...

6.7CVSS6.9AI score0.0085EPSS

Positive Technologies•added 2022/07/20 12:0 a.m.•4 views

PT-2022-15523 · Dell Emc · Dell Emc Powerstore

Name of the Vulnerable Software and Affected Versions: Dell EMC PowerStore affected versions not specified Description: The issue is an OS command injection vulnerability. A locally authenticated attacker could potentially exploit this, leading to the execution of arbitrary OS commands on the...

6.7CVSS6.8AI score0.0085EPSS

Exploits0References4

ATTACKERKB•added 2022/07/07 12:0 a.m.•0 views

CVE-2022-31234

9.8CVSS7.4AI score0.00867EPSS