{"vulnerability": "CVE-2022-3444", "sightings": [{"uuid": "f8d3d210-9183-459e-b9d1-37e93e1d7230", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34444", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8863", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-34444\n\ud83d\udd25 CVSS Score: 5.9 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: \nDell PowerScale OneFS, versions 9.2.0.x through 9.4.0.x contain an information vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to cause data leak.\n\n\n\n\n\n\n\ud83d\udccf Published: 2023-02-10T20:38:37.617Z\n\ud83d\udccf Modified: 2025-03-26T15:15:12.744Z\n\ud83d\udd17 References:\n1. https://www.dell.com/support/kbdoc/en-us/000205618/dsa-2022-271", "creation_timestamp": "2025-03-26T15:26:07.000000Z"}, {"uuid": "83259e30-f166-43b9-9edb-d8c8bccc25bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34449", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8483", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-34449\n\ud83d\udd25 CVSS Score: 6 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N)\n\ud83d\udd39 Description: \nPowerPath Management Appliance with versions 3.3 & 3.2* contains a Hardcoded Cryptographic Keys vulnerability. Authenticated admin users can exploit the issue that leads to view and modifying sensitive information stored in the application.\n\n\n\n\n\n\n\ud83d\udccf Published: 2023-02-10T20:53:57.070Z\n\ud83d\udccf Modified: 2025-03-24T18:09:46.068Z\n\ud83d\udd17 References:\n1. https://www.dell.com/support/kbdoc/000205404", "creation_timestamp": "2025-03-24T18:22:46.000000Z"}, {"uuid": "f9f76f7b-c420-4e79-8218-37055d8384c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34446", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8865", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-34446\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: \nPowerPath Management Appliance with versions 3.3 & 3.2* contains Authorization Bypass vulnerability. An authenticated remote user with limited privileges (e.g., of role Monitoring) can exploit this issue and gain access to sensitive information, and modify the configuration.\n\n\n\n\n\n\n\ud83d\udccf Published: 2023-02-10T20:44:34.905Z\n\ud83d\udccf Modified: 2025-03-26T15:14:28.164Z\n\ud83d\udd17 References:\n1. https://www.dell.com/support/kbdoc/000205404", "creation_timestamp": "2025-03-26T15:26:09.000000Z"}, {"uuid": "42b07db0-97e4-46b7-9788-33006d49b5a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34445", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8864", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-34445\n\ud83d\udd25 CVSS Score: 6 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N)\n\ud83d\udd39 Description: \nDell PowerScale OneFS, versions 8.2.x through 9.3.x contain a weak encoding for a password. A malicious local privileged attacker may potentially exploit this vulnerability, leading to information disclosure.\n\n\n\n\n\n\n\ud83d\udccf Published: 2023-02-10T20:41:15.512Z\n\ud83d\udccf Modified: 2025-03-26T15:14:49.440Z\n\ud83d\udd17 References:\n1. https://www.dell.com/support/kbdoc/en-us/000205618/dsa-2022-271", "creation_timestamp": "2025-03-26T15:26:08.000000Z"}, {"uuid": "d810eec4-5fdd-4dbf-9956-149df07992c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34448", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8867", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-34448\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: \nPowerPath Management Appliance with versions 3.3 & 3.2*, 3.1 & 3.0* contains a Cross-site Request Forgery vulnerability. An unauthenticated non-privileged user could potentially exploit the issue and perform any privileged state-changing actions.\n\n\n\n\n\n\n\ud83d\udccf Published: 2023-02-10T20:51:09.763Z\n\ud83d\udccf Modified: 2025-03-26T15:13:37.965Z\n\ud83d\udd17 References:\n1. https://www.dell.com/support/kbdoc/000205404", "creation_timestamp": "2025-03-26T15:26:11.000000Z"}, {"uuid": "c5c99c09-8c68-4c58-9ec6-5b68386cf171", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34447", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8866", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-34447\n\ud83d\udd25 CVSS Score: 7.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: \nPowerPath Management Appliance with versions 3.3 & 3.2*, 3.1 & 3.0* contains OS Command Injection vulnerability. An authenticated remote attacker with administrative privileges could potentially exploit the issue and execute commands on the system as the root user.\n\n\n\n\n\n\n\ud83d\udccf Published: 2023-02-10T20:48:05.160Z\n\ud83d\udccf Modified: 2025-03-26T15:13:59.311Z\n\ud83d\udd17 References:\n1. https://www.dell.com/support/kbdoc/000205404", "creation_timestamp": "2025-03-26T15:26:10.000000Z"}, {"uuid": "e3842922-76de-4e2c-a752-a01016a04494", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34442", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10301", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-34442\n\ud83d\udd25 CVSS Score: 8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L)\n\ud83d\udd39 Description: \nDell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded Cryptographic Key vulnerability. \u00a0An attacker with the knowledge of the hard-coded sensitive information, could potentially exploit this vulnerability to login to the system to gain LDAP user privileges.\n\n\n\n\n\n\n\ud83d\udccf Published: 2023-01-18T06:54:35.455Z\n\ud83d\udccf Modified: 2025-04-03T18:08:18.526Z\n\ud83d\udd17 References:\n1. https://www.dell.com/support/kbdoc/en-us/000204995/dsa-2022-273-dell-secure-connect-gateway-policy-manager-security-update-for-multiple-proprietary-code-vulnerabilities", "creation_timestamp": "2025-04-03T18:35:28.000000Z"}, {"uuid": "75753378-0bd1-4cc4-95a4-59f92ccac38e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34442", "type": "seen", "source": "https://t.me/cibsecurity/56657", "content": "\u203c CVE-2022-34442 \u203c\n\nDell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded Cryptographic Key vulnerability. An attacker with the knowledge of the hard-coded sensitive information, could potentially exploit this vulnerability to login to the system to gain LDAP user privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-18T12:20:49.000000Z"}]}