Details of VAR-202208-1464

ID

VAR-202208-1464

CVE

CVE-2022-33932

TITLE

Dell's emc powerscale onefs Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-015365

DESCRIPTION

Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an unprotected primary channel vulnerability. An unauthenticated network malicious attacker may potentially exploit this vulnerability, leading to a denial of filesystem services. Dell's emc powerscale onefs Exists in unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state

Trust: 1.8

sources: NVD: CVE-2022-33932 // JVNDB: JVNDB-2022-015365 // VULHUB: VHN-426124 // VULMON: CVE-2022-33932

AFFECTED PRODUCTS

vendor:	dell	model:	emc powerscale onefs	scope:	lte	version:	9.3.0.6	Trust: 1.0
vendor:	dell	model:	emc powerscale onefs	scope:	gte	version:	9.4.0.0	Trust: 1.0
vendor:	dell	model:	emc powerscale onefs	scope:	lte	version:	9.1.0.19	Trust: 1.0
vendor:	dell	model:	emc powerscale onefs	scope:	gte	version:	9.1.0.0	Trust: 1.0
vendor:	dell	model:	emc powerscale onefs	scope:	gte	version:	9.3.0.0	Trust: 1.0
vendor:	dell	model:	emc powerscale onefs	scope:	gte	version:	9.2.1.0	Trust: 1.0
vendor:	dell	model:	emc powerscale onefs	scope:	lte	version:	9.2.1.12	Trust: 1.0
vendor:	dell	model:	emc powerscale onefs	scope:	lte	version:	9.4.0.2	Trust: 1.0
vendor:	デル	model:	emc powerscale onefs	scope:	eq	version:	9.4.0.0 to 9.4.0.2	Trust: 0.8
vendor:	デル	model:	emc powerscale onefs	scope:	-	version:	-	Trust: 0.8
vendor:	デル	model:	emc powerscale onefs	scope:	eq	version:	9.3.0.0 to 9.3.0.6	Trust: 0.8
vendor:	デル	model:	emc powerscale onefs	scope:	eq	version:	9.1.0.0 to 9.1.0.19	Trust: 0.8
vendor:	デル	model:	emc powerscale onefs	scope:	eq	version:	9.2.1.0 to 9.2.1.12	Trust: 0.8
vendor:	デル	model:	emc powerscale onefs	scope:	eq	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2022-015365 // NVD: CVE-2022-33932

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-33932
value:	MEDIUM
Trust: 1.0
security_alert@emc.com:	CVE-2022-33932
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2022-33932
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202208-3675
value:	MEDIUM
Trust: 0.6

nvd@nist.gov:	CVE-2022-33932
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	LOW
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.1
Trust: 2.0
NVD:	CVE-2022-33932
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	LOW
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2022-015365 // CNNVD: CNNVD-202208-3675 // NVD: CVE-2022-33932 // NVD: CVE-2022-33932

PROBLEMTYPE DATA

problemtype:	CWE-419	Trust: 1.0
problemtype:	NVD-CWE-Other	Trust: 1.0
problemtype:	others (CWE-Other) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2022-015365 // NVD: CVE-2022-33932

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202208-3675

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202208-3675

PATCH

title:

Dell PowerScale OneFS Security vulnerabilities

url:

http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=205390

Trust: 0.6

sources: CNNVD: CNNVD-202208-3675

EXTERNAL IDS

db:	NVD	id:	CVE-2022-33932	Trust: 3.4
db:	JVNDB	id:	JVNDB-2022-015365	Trust: 0.8
db:	CNNVD	id:	CNNVD-202208-3675	Trust: 0.6
db:	VULHUB	id:	VHN-426124	Trust: 0.1
db:	VULMON	id:	CVE-2022-33932	Trust: 0.1

sources: VULHUB: VHN-426124 // VULMON: CVE-2022-33932 // JVNDB: JVNDB-2022-015365 // CNNVD: CNNVD-202208-3675 // NVD: CVE-2022-33932

REFERENCES

url:	https://www.dell.com/support/kbdoc/en-us/000201094/dsa-2022-149-dell-emc-powerscale-onefs-security-update?lang=en	Trust: 2.6
url:	https://nvd.nist.gov/vuln/detail/cve-2022-33932	Trust: 0.8
url:	https://cxsecurity.com/cveshow/cve-2022-33932/	Trust: 0.6
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULHUB: VHN-426124 // VULMON: CVE-2022-33932 // JVNDB: JVNDB-2022-015365 // CNNVD: CNNVD-202208-3675 // NVD: CVE-2022-33932

SOURCES

db:	VULHUB	id:	VHN-426124
db:	VULMON	id:	CVE-2022-33932
db:	JVNDB	id:	JVNDB-2022-015365
db:	CNNVD	id:	CNNVD-202208-3675
db:	NVD	id:	CVE-2022-33932

LAST UPDATE DATE

2024-08-14T13:53:04.852000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-426124	date:	2022-08-24T00:00:00
db:	VULMON	id:	CVE-2022-33932	date:	2022-08-22T00:00:00
db:	JVNDB	id:	JVNDB-2022-015365	date:	2023-09-26T08:26:00
db:	CNNVD	id:	CNNVD-202208-3675	date:	2022-08-29T00:00:00
db:	NVD	id:	CVE-2022-33932	date:	2022-08-24T14:33:12.087

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-426124	date:	2022-08-22T00:00:00
db:	VULMON	id:	CVE-2022-33932	date:	2022-08-22T00:00:00
db:	JVNDB	id:	JVNDB-2022-015365	date:	2023-09-26T00:00:00
db:	CNNVD	id:	CNNVD-202208-3675	date:	2022-08-22T00:00:00
db:	NVD	id:	CVE-2022-33932	date:	2022-08-22T17:15:08.393