{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-22278","assignerOrgId":"c550e75a-17ff-4988-97f0-544cde3820fe","state":"PUBLISHED","assignerShortName":"dell","dateReserved":"2026-01-07T07:17:24.536Z","datePublished":"2026-01-22T16:16:51.354Z","dateUpdated":"2026-02-26T14:44:32.181Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"PowerScale OneFS","vendor":"Dell","versions":[{"lessThan":"9.13.0.0","status":"affected","version":"N/A","versionType":"semver"}]}],"datePublic":"2026-01-14T18:30:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Dell PowerScale OneFS versions prior to 9.13.0.0 contains an improper restriction of excessive authentication attempts vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.<br>"}],"value":"Dell PowerScale OneFS versions prior to 9.13.0.0 contains an improper restriction of excessive authentication attempts vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access."}],"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":8.1,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-307","description":"CWE-307: Improper Restriction of Excessive Authentication Attempts","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"c550e75a-17ff-4988-97f0-544cde3820fe","shortName":"dell","dateUpdated":"2026-01-22T16:16:51.354Z"},"references":[{"tags":["vendor-advisory"],"url":"https://www.dell.com/support/kbdoc/en-us/000415586/dsa-2026-049-security-update-for-dell-powerscale-onefs-multiple-vulnerabilities"}],"source":{"discovery":"UNKNOWN"},"x_generator":{"engine":"Vulnogram 0.5.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2026-22278","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"version":"2.0.3","timestamp":"2026-01-23T04:55:32.646425Z"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-02-26T14:44:32.181Z"}}]}}