1. Home
  2. CVE Database
  3. CVE-2022-22557
HIGH · 7.5

CVE-2022-22557

PowerStore contains Plain-Text Password Storage Vulnerability in PowerStore X & T environments running versions 2.0.0.x and 2.0.1.x A locally authenticated attacker could potentially exploit this vuln...

Vulnerability Description

PowerStore contains Plain-Text Password Storage Vulnerability in PowerStore X & T environments running versions 2.0.0.x and 2.0.1.x A locally authenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
DellPowerstoreos>= 2.0.0.0, < 2.1.0.0
DellPowerstore T-
DellPowerstore X-

Related Weaknesses (CWE)

CWE-522CWE-256

References

FAQ

What is CVE-2022-22557?

CVE-2022-22557 is a vulnerability with a CVSS score of 7.5 (HIGH). PowerStore contains Plain-Text Password Storage Vulnerability in PowerStore X & T environments running versions 2.0.0.x and 2.0.1.x A locally authenticated attacker could potentially exploit this vuln...

How severe is CVE-2022-22557?

CVE-2022-22557 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-22557?

Check the references section above for vendor advisories and patch information. Affected products include: Dell Powerstoreos, Dell Powerstore T, Dell Powerstore X.