CVE-2022-45103
Severity CVSS v4.0:
Pending analysis
Type:
CWE-200
Information Leak / Disclosure
Publication date:
18/01/2023
Last modified:
07/11/2023
Description
<br />
Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain an information disclosure vulnerability. A low privileged remote attacker could potentially exploit this vulnerability, leading to read arbitrary files on the underlying file system.<br />
<br />
<br />
<br />
<br />
<br />
Impact
Base Score 3.x
6.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:dell:emc_solutions_enabler_virtual_appliance:*:*:*:*:*:*:*:* | 9.2.3.6 (excluding) | |
| cpe:2.3:a:dell:emc_unisphere_for_powermax:*:*:*:*:*:*:*:* | 9.2.3.22 (excluding) | |
| cpe:2.3:a:dell:emc_unisphere_for_powermax:*:*:*:*:*:*:*:* | 10.0.0.0 (including) | 10.0.0.5 (excluding) |
| cpe:2.3:a:dell:emc_unisphere_for_powermax_virtual_appliance:*:*:*:*:*:*:*:* | 9.2.3.22 (excluding) | |
| cpe:2.3:a:dell:emc_vasa_provider_virtual_appliance:*:*:*:*:*:*:*:* | 9.2.4.15 (excluding) | |
| cpe:2.3:a:dell:solutions_enabler:*:*:*:*:*:*:*:* | 9.2.3.6 (excluding) | |
| cpe:2.3:a:dell:solutions_enabler:*:*:*:*:*:*:*:* | 10.0.0.0 (including) | 10.0.0.5 (excluding) |
| cpe:2.3:a:dell:unisphere_360:*:*:*:*:*:*:*:* | 9.2.3.12 (excluding) | |
| cpe:2.3:a:dell:vasa_provider:*:*:*:*:standalone:*:*:* | 9.2.4.22 (excluding) | |
| cpe:2.3:o:dell:powermax_os:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:dell:powermax_os:5978:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page