Dell PowerScale OneFS 8.2.x-9.4.x DoS via Insufficient Rsc Pool
CVE-2022-46679 Published on February 1, 2023
Dell PowerScale OneFS 8.2.x, 9.0.0.x - 9.4.0.x, contain an insufficient resource pool vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service.
Vulnerability Analysis
CVE-2022-46679 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, a small impact on integrity, and a small impact on availability.
Weakness Type
Insufficient Resource Pool
The software's resource pool is not large enough to handle peak demand, which allows an attacker to prevent others from accessing the resource by using a (relatively) large number of requests for resources. Frequently the consequence is a "flood" of connection or sessions.
Products Associated with CVE-2022-46679
stack.watch emails you whenever new vulnerabilities are published in Dell Emc Powerscale Onefs or Dell Powerscale Onefs. Just hit a watch button to start following.
Affected Versions
Dell PowerScale OneFS:- Version 8.2.x;9.0.0.x, <= 9.4.0.x is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.