CVE-2022-34371

CRITICAL Year: 2022
CVSS v3 Score
9.8
Critical
Weakness Type
CWE-522
View all →

Vulnerability Description

Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.3, contain an unprotected transport of credentials vulnerability. A malicious unprivileged network attacker could potentially exploit this vulnerability, leading to full system compromise.

Related Vulnerabilities

CVE-2000-0944

CRITICAL
CVSS:9.8(Critical)

CGI Script Center News Update 1.1 does not properly validate the original news administration password during a password change operation, which allows remote attackers to modify the password without ...

CWE-5222000

CVE-2005-3435

CRITICAL
CVSS:9.8(Critical)

admin_news.php in Archilles Newsworld up to 1.3.0 allows attackers to bypass authentication by obtaining the password hash for another user, for example through another Newsworld vulnerability, and sp...

CWE-5222005

CVE-2007-0681

CRITICAL
CVSS:9.8(Critical)

profile.php in ExtCalendar 2 and earlier allows remote attackers to change the passwords of arbitrary users without providing the original password, and possibly perform other unauthorized actions, vi...

CWE-5222007

CVE-2013-7052

CRITICAL
CVSS:9.8(Critical)

D-Link DIR-100 4.03B07: security bypass via an error in the cliget.cgi script

CWE-5222013

CVE-2013-7055

CRITICAL
CVSS:9.8(Critical)

D-Link DIR-100 4.03B07 has PPTP and poe information disclosure

CWE-5222013

CVE-2014-3445

CRITICAL
CVSS:9.8(Critical)

backup.php in HandsomeWeb SOS Webpages before 1.1.12 does not require knowledge of the cleartext password, which allows remote attackers to bypass authentication by leveraging knowledge of the adminis...

CWE-5222014