SB20250520113 - Multiple vulnerabilities in Dell PowerStore X
Published: May 20, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 8 secuirty vulnerabilities.
1) Overly permissive cross-domain whitelist (CVE-ID: CVE-2022-1996)
The vulnerability allows a remote attacker to bypass the CORS protection mechanism.
The vulnerability exists due to incorrect processing of the "Origin" HTTP header that is supplied within HTTP request. A remote attacker can supply arbitrary value via the "Origin" HTTP header, bypass implemented CORS protection mechanism and perform cross-site scripting attacks against the vulnerable application.
2) Code Injection (CVE-ID: CVE-2022-42889)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to an insecure variable interpolation when processing untrusted input. A remote attacker can send a specially crafted input and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
Note, the vulnerability was dubbed Text4shell.
3) SQL injection (CVE-ID: CVE-2022-29155)
The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.
The vulnerability exists due to insufficient sanitization of user-supplied data in the experimental back-sql backend to slapd during an LDAP search operation when the search filter is processed. A remote attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.
Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.
4) Improper access control (CVE-ID: CVE-2018-1000805)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to improper access control in SSH server. A remote unauthenticated attacker can bypass access controls via unspecified vectors and execute arbitrary code.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
5) Race condition (CVE-ID: CVE-2022-24302)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to a race condition in the write_private_key_file() function between creation and chmod operations. A local user can exploit the race and gain unauthorized access to sensitive information.
6) XML External Entity injection (CVE-ID: CVE-2019-13990)
The vulnerability allows a remote attacker to conduct an XML External Entity (XXE) attack on a targeted system.
The vulnerability exists due to insufficient validation of user-supplied XML input in the "initDocumentParser" function in the "xml/XMLSchedulingDataProcessor.java" file. A remote authenticated attacker can submit a malicious job description to the targeted system and conduct an XXE attack.
7) Improper access control (CVE-ID: CVE-2018-8088)
The vulnerability allows a remote unauthenticated attacker to bypass access restrictions on the target system.The weakness exists in the org.slf4j.ext.EventData class due to improper security restrictions. A remote attacker can send specially crafted input, bypass access restrictions and gain unauthorized access to perform further attacks.
8) Deserialization of Untrusted Data (CVE-ID: CVE-2022-1471)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to insecure input validation when processing serialized data within the SnakeYaml's Constructor() class. A remote attacker can pass specially crafted yaml content to the application and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
Remediation
Install update from vendor's website.