Cyber Resilience

CVE-2026-22278

Severity: High
Published: 22 January 2026
Modified: 28 January 2026
KEV added: no (not currently listed in the CISA KEV catalog)
Patch: available (OneFS 9.13.0.0 or later)
CVSS v3.1 base score: 8.1 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS score: 0.0037 (28.4th percentile)
Risk Priority: 55 (floored blend · peak EPSS)

Summary

CVE-2026-22278 is a high-severity Improper Restriction of Excessive Authentication Attempts (CWE-307) vulnerability in Dell PowerScale OneFS. Its CVSS v3.1 base score is 8.1 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Brute Force (T1110). The CVE ranks at the 28.4th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-7 (Unsuccessful Logon Attempts) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-22278 is an improper restriction of excessive authentication attempts vulnerability, classified under CWE-307, affecting Dell PowerScale OneFS versions prior to 9.13.0.0. Published on 2026-01-22, it carries a CVSS v3.1 base score of 8.1 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to significant impacts on confidentiality, integrity, and availability.

The vulnerability is exploitable by an unauthenticated attacker with network access: no privileges and no user interaction are required, although the attack complexity is rated high, which is consistent with an attack that still has to guess valid credentials through repeated attempts (the brute-force path the weakness leaves open). Successful exploitation could lead to unauthorized access to the affected system.

Dell's security advisory DSA-2026-049 details mitigation for this and other PowerScale OneFS vulnerabilities, recommending an update to version 9.13.0.0 or later. Additional guidance is available at https://www.dell.com/support/kbdoc/en-us/000415586/dsa-2026-049-security-update-for-dell-powerscale-onefs-multiple-vulnerabilities.
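To confirm whether a cluster falls in the affected range, as an added example (not Dell's tooling): a version check that compares the release as a tuple of integers, because a plain string comparison would rank 9.9.0.0 above 9.13.0.0 and wrongly clear a vulnerable cluster. The input is the version string read from the cluster (on OneFS, `isi version` prints it; the exact output shape used in the sample strings is an assumption, not copied from a real cluster).

```python
import re
from typing import Tuple

# First fixed release per DSA-2026-049; anything strictly below it is affected.
FIXED_VERSION = (9, 13, 0, 0)

# Matches the first dotted version number, with or without a leading "v".
# The "OneFS v9.x.y.z" shape in the usage strings below is assumed.
_VERSION_RE = re.compile(r"\bv?(\d+(?:\.\d+){1,3})\b")


def parse_version(text: str) -> Tuple[int, ...]:
    """Extract the first dotted version number from text and return it as a
    tuple of ints padded to four components, so 9.9.0.0 < 9.13.0.0 compares
    numerically (a plain string compare would get this wrong)."""
    m = _VERSION_RE.search(text)
    if not m:
        raise ValueError(f"no version number found in {text!r}")
    parts = [int(p) for p in m.group(1).split(".")]
    return tuple(parts + [0] * (4 - len(parts)))


def is_affected(version_text: str) -> bool:
    """True if the OneFS release is prior to 9.13.0.0 (the advisory's range).
    9.13.0.0 itself is the fixed release and is therefore NOT affected."""
    return parse_version(version_text) < FIXED_VERSION


if __name__ == "__main__":
    # Constructed sample strings in an assumed "isi version" shape.
    for sample in ("Isilon OneFS v9.12.0.0", "Isilon OneFS v9.9.0.0",
                   "Isilon OneFS v9.13.0.0"):
        print(sample, "->", "AFFECTED" if is_affected(sample) else "fixed")
```

The two boundaries worth keeping in mind when you turn this into an inventory query: the comparison is strict (9.13.0.0 is fixed), and a lexical compare on the raw string silently misorders two-digit components.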

Vulnerability details

Dell PowerScale OneFS versions prior to 9.13.0.0 contain an improper restriction of excessive authentication attempts vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access.

Related Threats

MITRE ATT&CK Enterprise Techniques

T1110 Brute Force (Credential Access)
Adversaries may use brute force techniques to gain access to accounts when passwords are unknown or when password hashes are obtained.
Why these techniques?

CWE-307 directly enables brute force attacks (T1110) by failing to restrict excessive authentication attempts on a remotely accessible service.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-21425 (same product: Dell PowerScale OneFS)
CVE-2026-25907 (same product: Dell PowerScale OneFS)
CVE-2026-22279 (same product: Dell PowerScale OneFS)
CVE-2026-27102 (same product: Dell PowerScale OneFS)
CVE-2026-45364 (shared CWE-307)
CVE-2025-69615 (shared CWE-307)
CVE-2025-14362 (shared CWE-307)
CVE-2026-6947 (shared CWE-307)
CVE-2025-23368 (shared CWE-307)
CVE-2025-69246 (shared CWE-307)

Affected Assets

Dell PowerScale OneFS, all versions before 9.13.0.0 (9.13.0.0 is the first fixed release and is not affected)

Mitigating Controls (NIST 800-53 r5)

AC-7 Unsuccessful Logon Attempts (prevent): directly limits unsuccessful logon attempts and enforces account lockouts, blocking the brute-force path that this improper-restriction weakness leaves open.

SI-2 Flaw Remediation (prevent): mandates timely identification and correction of software flaws, here by patching Dell PowerScale OneFS to version 9.13.0.0 or later.

SI-4 System Monitoring (detect): continuous monitoring of authentication events to detect patterns of excessive failed attempts indicative of a brute-force attack.
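The AC-7 lockout and the SI-4 detection described above, as one added example that is not Dell's code and does not use OneFS's real log format: a sliding-window failure counter that refuses further attempts on an account (or source) once a threshold of failures is reached inside the window, and emits an alert when that threshold trips. The log lines, the generic "auth:" line shape and the 5-failures / 15-minute / 30-minute parameters are constructed assumptions for the example; AC-7 leaves those limits organisation-defined.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log in a generic syslog-like shape (an assumption for
# this example; it is NOT OneFS's real authentication log format).
SAMPLE_LOG = """\
2026-01-22T10:00:01Z auth: FAILED login user=admin src=203.0.113.7
2026-01-22T10:00:02Z auth: FAILED login user=admin src=203.0.113.7
2026-01-22T10:00:03Z auth: FAILED login user=admin src=203.0.113.7
2026-01-22T10:00:04Z auth: FAILED login user=admin src=203.0.113.7
2026-01-22T10:00:05Z auth: FAILED login user=admin src=203.0.113.7
2026-01-22T10:00:06Z auth: FAILED login user=admin src=203.0.113.7
2026-01-22T10:00:07Z auth: OK login user=admin src=203.0.113.7
2026-01-22T10:05:00Z auth: FAILED login user=bob src=198.51.100.4
2026-01-22T10:20:00Z auth: FAILED login user=bob src=198.51.100.4
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) auth: (?P<result>FAILED|OK) login "
    r"user=(?P<user>\S+) src=(?P<src>\S+)$"
)


def parse_line(line):
    """Parse one constructed log line into (timestamp, result, user, src), or None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
    return ts, m["result"], m["user"], m["src"]


class LockoutPolicy:
    """AC-7-style control: after max_failures failed attempts on one key within
    `window`, refuse every further attempt on that key until `lockout` elapses.
    The 5 / 15 min / 30 min defaults are assumed values for this example."""

    def __init__(self, max_failures=5, window=timedelta(minutes=15),
                 lockout=timedelta(minutes=30)):
        self.max_failures = max_failures
        self.window = window
        self.lockout = lockout
        self.failures = defaultdict(deque)  # key -> timestamps of recent failures
        self.locked_until = {}              # key -> datetime the lock expires

    def is_locked(self, key, now):
        until = self.locked_until.get(key)
        return until is not None and now < until

    def record(self, key, now, success):
        """Apply one attempt. Returns 'locked' (refused while locked), 'lockout'
        (this failure tripped the threshold), 'fail' or 'ok'."""
        if self.is_locked(key, now):
            return "locked"  # even a correct password is refused during the lock
        recent = self.failures[key]
        if success:
            recent.clear()  # a successful login resets the failure counter
            return "ok"
        while recent and now - recent[0] > self.window:
            recent.popleft()  # drop failures that fell out of the window
        recent.append(now)
        if len(recent) >= self.max_failures:
            self.locked_until[key] = now + self.lockout
            recent.clear()
            return "lockout"
        return "fail"


def replay(log_text, policy=None, key_by="user"):
    """SI-4-style detection: replay log lines through the policy and return
    (alerts, decisions). key_by='src' catches one source spraying many accounts."""
    policy = policy or LockoutPolicy()
    alerts, decisions = [], []
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed is None:
            continue  # ignore lines that are not auth events
        ts, result, user, src = parsed
        key = user if key_by == "user" else src
        decision = policy.record(key, ts, result == "OK")
        decisions.append(decision)
        if decision == "lockout":
            alerts.append(f"{ts.isoformat()}Z brute-force threshold hit: "
                          f"{policy.max_failures} failures for {key} (src {src})")
    return alerts, decisions


if __name__ == "__main__":
    found, _ = replay(SAMPLE_LOG)
    for alert in found:
        print(alert)
```

Two points the replay makes visible: the successful "OK" login at 10:00:07 is still refused, because the lock is on the account rather than on the guess, and bob's two failures 15 minutes apart never trip the threshold. Keying by account alone lets an attacker lock legitimate users out on purpose, so in practice the detection side is keyed by source as well (key_by="src") and the lockout is paired with progressive delays rather than relied on alone.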
