Authentication Bypass Vulnerability in Dell PowerStore
CVE-2022-26870

7HIGH

Key Information:

Vendor: Dell
Status: Powerstore
Vendor: CVE Published:; 21 October 2022

What is CVE-2022-26870?

Dell PowerStore versions 2.1.0.x are susceptible to an authentication bypass vulnerability that allows remote unauthenticated attackers to exploit specific configurations. By successfully exploiting this vulnerability, attackers can gain unauthorized access to the system, highlighting the importance of secure configuration and proactive monitoring.

Affected Version(s)

PowerStore < 2.1.x

References

https://www.dell.com/support/kbdoc/000196367

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 21, 2022
Vulnerability Reserved
Mar 10, 2022