Article Number: 000204809
High
Proprietary Code CVE(s) | Description | CVSS Base Score | CVSS Vector String |
---|---|---|---|
CVE-2022-34453 | Dell XtremIO X2 XMS versions prior to 6-4-1.11 contain an improper access control vulnerability. A remote read only user could potentially exploit this vulnerability to perform add/delete QoS policies which are disabled by default. | 7.6 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H |
Proprietary Code CVE(s) | Description | CVSS Base Score | CVSS Vector String |
---|---|---|---|
CVE-2022-34453 | Dell XtremIO X2 XMS versions prior to 6-4-1.11 contain an improper access control vulnerability. A remote read only user could potentially exploit this vulnerability to perform add/delete QoS policies which are disabled by default. | 7.6 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H |
Product | Affected Version(s) | Updated Version(s) | Link to Update |
---|---|---|---|
XtremIO X2 | All releases prior to 6.4.1-11 | 6.4.1-11 | Support for XtremIO X2 | Drivers & Downloads | Dell US |
Product | Affected Version(s) | Updated Version(s) | Link to Update |
---|---|---|---|
XtremIO X2 | All releases prior to 6.4.1-11 | 6.4.1-11 | Support for XtremIO X2 | Drivers & Downloads | Dell US |
Revision | Date | Description |
---|---|---|
1.0 | 2022-11-1 | Initial Release |
1.2 | 2022-11-14 | Corrected “Affected Products and Remediation” section. Updated “Workaround and Mitigations” section. |
2.0 | 2023-7-18 | Updated “Proprietary Code” section and “Affected Products and Remediation” section: added Remediated details. |
XtremIO, Product Security Information, XtremIO Family, XtremIO X2
26 Jul 2023
Dell Security Advisory