CVE-2022-22557

HIGH Year: 2022
CVSS v3 Score
7.8
High
CVSS v2 Score
7.2
High
Weakness Type
CWE-256
View all →

Vulnerability Description

PowerStore contains Plain-Text Password Storage Vulnerability in PowerStore X & T environments running versions 2.0.0.x and 2.0.1.x A locally authenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.

Related Vulnerabilities

CVE-2021-3787

HIGH
CVSS:7.8(High)

A vulnerability was reported in some Motorola-branded Binatone Hubble Cameras that could allow an attacker with local access to obtain the MQTT credentials that could result in unauthorized access to ...

CWE-2562021

CVE-2024-28961

HIGH
CVSS:7.8(High)

Dell OpenManage Enterprise, versions 4.0.0 and 4.0.1, contains a sensitive information disclosure vulnerability. A local low privileged malicious user could potentially exploit this vulnerability to o...

CWE-2562024

CVE-2024-43378

HIGH
CVSS:7.8(High)

calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. Users who installed NixOS through the graphical installer who used manual disk partitioning t...

CWE-2562024

CVE-2017-6049

HIGH
CVSS:7.5(High)

Detcon Sitewatch Gateway, all versions without cellular, an attacker can edit settings on the device using a specially crafted URL.

CWE-2562017

CVE-2019-10921

HIGH
CVSS:7.5(High)

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). Unencrypted storage of passwords in the project could allow an attacker with access to port 10005/tcp t...

CWE-2562019

CVE-2019-6518

HIGH
CVSS:7.5(High)

Moxa IKS and EDS store plaintext passwords, which may allow sensitive information to be read by someone with access to the device.

CWE-2562019