CVE-2022-33932

{"id": "CVE-2022-33932", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "security_alert@emc.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2022-08-22T17:15:08.393", "references": [{"url": "https://www.dell.com/support/kbdoc/en-us/000201094/dsa-2022-149-dell-emc-powerscale-onefs-security-update?lang=en", "tags": ["Vendor Advisory"], "source": "security_alert@emc.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}, {"type": "Secondary", "source": "security_alert@emc.com", "description": [{"lang": "en", "value": "CWE-419"}]}], "descriptions": [{"lang": "en", "value": "Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an unprotected primary channel vulnerability. An unauthenticated network malicious attacker may potentially exploit this vulnerability, leading to a denial of filesystem services."}, {"lang": "es", "value": "Dell PowerScale OneFS, versiones 9.0.0 hasta 9.1.0.19, 9.2.1.12, 9.3.0.6 y 9.4.0.2 incluy\u00e9ndola, contienen una vulnerabilidad de canal primario no protegido. Un atacante malintencionado no autenticado en la red puede explotar potencialmente esta vulnerabilidad, conllevando a una denegaci\u00f3n de los servicios del sistema de archivos."}], "lastModified": "2022-08-24T14:33:12.087", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:emc_powerscale_onefs:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C0A982E-C690-4103-B27D-F30C7B913D33", "versionEndIncluding": "9.1.0.19", "versionStartIncluding": "9.1.0.0"}, {"criteria": "cpe:2.3:o:dell:emc_powerscale_onefs:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C8C6C3D7-DEF8-4299-B2D9-CADFE9CF6FE6", "versionEndIncluding": "9.2.1.12", "versionStartIncluding": "9.2.1.0"}, {"criteria": "cpe:2.3:o:dell:emc_powerscale_onefs:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "59849B62-4A3A-4249-9FCF-8C076F94DA22", "versionEndIncluding": "9.3.0.6", "versionStartIncluding": "9.3.0.0"}, {"criteria": "cpe:2.3:o:dell:emc_powerscale_onefs:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D61851E6-186E-44BF-BB61-B48AF3A9D836", "versionEndIncluding": "9.4.0.2", "versionStartIncluding": "9.4.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "security_alert@emc.com"}