Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2022-22557

Опубликовано: 02 июн. 2022
Источник: nvd
CVSS3: 7.5
CVSS3: 7.8
CVSS2: 7.2
EPSS Низкий

Описание

PowerStore contains Plain-Text Password Storage Vulnerability in PowerStore X & T environments running versions 2.0.0.x and 2.0.1.x A locally authenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:dell:powerstoreos:*:*:*:*:*:*:*:*
Версия от 2.0.0.0 (включая) до 2.1.0.0 (исключая)
cpe:2.3:h:dell:powerstore_t:-:*:*:*:*:*:*:*
Конфигурация 2

Одновременно

cpe:2.3:o:dell:powerstoreos:*:*:*:*:*:*:*:*
Версия от 2.0.0.0 (включая) до 2.1.1.0 (исключая)
cpe:2.3:h:dell:powerstore_x:-:*:*:*:*:*:*:*

EPSS

Процентиль: 12%
0.00039
Низкий

7.5 High

CVSS3

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-256
CWE-522

Связанные уязвимости

github логотип

GHSA-xfxv-hqvj-fpfc

CVSS3: 7.8
github
больше 3 лет назад

PowerStore contains Plain-Text Password Storage Vulnerability in PowerStore X & T environments running versions 2.0.0.x and 2.0.1.x A locally authenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.

EPSS

Процентиль: 12%
0.00039
Низкий

7.5 High

CVSS3

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-256
CWE-522