Skip to main content

Container Storage Modules

5 CVEs product

Monthly

CVE-2026-40711 HIGH PATCH This Week

OS command injection in Dell Container Storage Modules (CSM) version 2.16.0 - spanning the csi-powerstore, csi-unity, csi-powerflex, and csi-powermax CSI drivers - lets a remote, high-privileged attacker inject and execute arbitrary operating-system commands (CWE-78). Successful exploitation yields full confidentiality, integrity, and availability impact with a scope change, meaning command execution can reach beyond the vulnerable component into the surrounding host or cluster. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; the CVSS 3.1 base score is 8.0 (High).

Command Injection Dell Container Storage Modules
NVD
CVSS 3.1
8.0
EPSS
1.0%
CVE-2022-34427 HIGH PATCH This Week

Dell Container Storage Modules 1.2 contains an OS Command Injection in goiscsi and gobrick libraries. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Dell Command Injection Container Storage Modules
NVD
CVSS 3.1
8.8
EPSS
2.1%
CVE-2022-34426 HIGH PATCH This Week

Dell Container Storage Modules 1.2 contains an Improper Limitation of a Pathname to a Restricted Directory in goiscsi and gobrick libraries which could lead to OS command injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Dell Path Traversal Command Injection Container Storage Modules
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2022-34375 MEDIUM PATCH This Month

Dell Container Storage Modules 1.2 contains a path traversal vulnerability in goiscsi and gobrick libraries. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Dell Path Traversal Container Storage Modules
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2022-34374 HIGH PATCH This Week

Dell Container Storage Modules 1.2 contains an OS command injection in goiscsi and gobrick libraries. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Dell Command Injection Container Storage Modules
NVD
CVSS 3.1
8.8
EPSS
1.4%
EPSS 1% CVSS 8.0
HIGH PATCH This Week

OS command injection in Dell Container Storage Modules (CSM) version 2.16.0 - spanning the csi-powerstore, csi-unity, csi-powerflex, and csi-powermax CSI drivers - lets a remote, high-privileged attacker inject and execute arbitrary operating-system commands (CWE-78). Successful exploitation yields full confidentiality, integrity, and availability impact with a scope change, meaning command execution can reach beyond the vulnerable component into the surrounding host or cluster. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; the CVSS 3.1 base score is 8.0 (High).

Command Injection Dell Container Storage Modules
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Dell Container Storage Modules 1.2 contains an OS Command Injection in goiscsi and gobrick libraries. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Dell Command Injection Container Storage Modules
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Dell Container Storage Modules 1.2 contains an Improper Limitation of a Pathname to a Restricted Directory in goiscsi and gobrick libraries which could lead to OS command injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Dell Path Traversal Command Injection +1
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Dell Container Storage Modules 1.2 contains a path traversal vulnerability in goiscsi and gobrick libraries. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Dell Path Traversal Container Storage Modules
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Dell Container Storage Modules 1.2 contains an OS command injection in goiscsi and gobrick libraries. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Dell Command Injection Container Storage Modules
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy