CVE-2022-29085
Description
Dell Unity, Dell UnityVSA, and Dell Unity XT versions prior to 5.2.0.0.5.173 contain a plain-text password storage vulnerability when certain off-array tools are run on the system. The credentials of a user with high privileges are stored in plain text. A local malicious user with high privileges may use the exposed password to gain access with the privileges of the compromised user.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A plain-text password storage vulnerability in Dell Unity, UnityVSA, and Unity XT allows a local high-privileged attacker to obtain credentials.
Vulnerability
Dell Unity, Dell UnityVSA, and Dell Unity XT operating environment (OE) versions prior to 5.2.0.0.5.173 contain a plain-text password storage vulnerability when certain off-array tools are run. The credentials of a user with high privileges are stored in plain text. [1]
Exploitation
A local malicious user with high privileges can exploit this vulnerability by running the off-array tools that expose the credentials in plain text. The attacker must already have high privileges on the system to access the stored credentials. [1]
Impact
Successful exploitation allows the attacker to obtain the plain-text password of a user with high privileges, which can be used to gain the same level of access, potentially leading to full system compromise. [1]
Mitigation
Dell has released an update to version 5.2.0.0.5.173 for all affected products. Users should upgrade to the fixed version provided in the Dell support link. [1]
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
4Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.dell.com/support/kbdoc/000199050mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.