Cyber Posture

CVE-2026-22278

High

Published: 22 January 2026
Modified: 28 January 2026
KEV Added: not listed
Patch: update to OneFS 9.13.0.0 or later (see below)
CVSS Score: 8.1 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0005 (15.4th percentile)
Risk Priority: 16 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2026-22278 is a high-severity Improper Restriction of Excessive Authentication Attempts (CWE-307) vulnerability in Dell PowerScale OneFS. Its CVSS v3.1 base score is 8.1 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Brute Force (T1110). The CVE ranks at the 15.4th percentile by EPSS exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-7 (Unsuccessful Logon Attempts) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Brute Force (T1110). What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

AC-7 (prevent): directly limits unsuccessful logon attempts and enforces account lockouts, preventing brute-force exploitation of this weakness and the unauthorized access it would otherwise lead to.

SI-2 (prevent): mandates timely identification and correction of software flaws, such as patching Dell PowerScale OneFS to version 9.13.0.0 or later to remediate this authentication vulnerability.

SI-4 (detect): enables continuous monitoring of systems to detect anomalous patterns of excessive authentication attempts indicative of brute-force attacks.
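The AC-7 counter and the SI-4 detection described above, as an added example that is not code from this page or from Dell: it runs over constructed sample authentication log lines, flags a (account, source) pair once it reaches the failure threshold inside a sliding window, and separately flags a success that follows such a run, which is the outcome CWE-307 permits when no lockout is enforced. The log format, threshold and window are assumptions, not OneFS specifics.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log (not real OneFS output): "<ISO time> <result> user=<name> src=<ip>"
SAMPLE_LOG = """\
2026-01-22T10:00:01 FAIL user=admin src=198.51.100.7
2026-01-22T10:00:03 FAIL user=admin src=198.51.100.7
2026-01-22T10:00:05 FAIL user=admin src=198.51.100.7
2026-01-22T10:00:06 FAIL user=admin src=198.51.100.7
2026-01-22T10:00:08 FAIL user=admin src=198.51.100.7
2026-01-22T10:00:09 OK   user=admin src=198.51.100.7
2026-01-22T10:05:00 FAIL user=alice src=203.0.113.9
2026-01-22T10:20:00 FAIL user=alice src=203.0.113.9
"""


def parse_line(line):
    """Split one constructed log line into (timestamp, result, account, source)."""
    ts, result, user, src = line.split()
    return datetime.fromisoformat(ts), result, user.split("=", 1)[1], src.split("=", 1)[1]


def find_excessive_attempts(log_text, threshold=5, window=timedelta(minutes=15)):
    """Return alerts as (kind, account, source, time) tuples.

    'lockout_threshold' fires when an (account, source) pair reaches `threshold`
    failures within the sliding `window` (the point at which AC-7 would lock the
    account); 'success_after_threshold' fires when that same pair then logs in
    successfully, i.e. the run of failures was never restricted.
    """
    failures = defaultdict(deque)  # (account, source) -> timestamps of recent failures
    over_threshold = set()
    alerts = []
    for raw in log_text.splitlines():
        ts, result, user, src = parse_line(raw)
        key = (user, src)
        if result == "FAIL":
            recent = failures[key]
            recent.append(ts)
            while recent and ts - recent[0] > window:  # drop failures outside the window
                recent.popleft()
            if len(recent) >= threshold and key not in over_threshold:
                over_threshold.add(key)
                alerts.append(("lockout_threshold", user, src, ts))
        elif result == "OK" and key in over_threshold:
            alerts.append(("success_after_threshold", user, src, ts))
    return alerts
```

The second sample account (alice) produces no alert: two failures fifteen minutes apart stay below the threshold, which is the kind of slow attempt a plain per-event rule would also miss.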

MITRE ATT&CK Enterprise Techniques

T1110 Brute Force (Credential Access)
Adversaries may use brute force techniques to gain access to accounts when passwords are unknown or when password hashes are obtained.
Why these techniques?

CWE-307 directly enables brute force attacks (T1110) by failing to restrict excessive authentication attempts on a remotely accessible service.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

Dell PowerScale OneFS versions prior to 9.13.0.0 contain an improper restriction of excessive authentication attempts vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access.

Deeper analysis

CVE-2026-22278 is an improper restriction of excessive authentication attempts vulnerability, classified under CWE-307, affecting Dell PowerScale OneFS versions prior to 9.13.0.0. Published on 2026-01-22, it carries a CVSS v3.1 base score of 8.1 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to significant impacts on confidentiality, integrity, and availability.

An unauthenticated attacker with remote network access can exploit this vulnerability, though it requires high attack complexity and no user privileges or interaction. Successful exploitation could lead to unauthorized access on the affected system.

Dell's security advisory DSA-2026-049 details mitigation for this and other PowerScale OneFS vulnerabilities, recommending an update to version 9.13.0.0 or later. Additional guidance is available at https://www.dell.com/support/kbdoc/en-us/000415586/dsa-2026-049-security-update-for-dell-powerscale-onefs-multiple-vulnerabilities.

Details

CWE(s): CWE-307 (Improper Restriction of Excessive Authentication Attempts)

Affected Products: Dell PowerScale OneFS, ≤ 9.13.0.0

CVEs Like This One

CVE-2026-25907 (same product: Dell PowerScale OneFS)
CVE-2026-27102 (same product: Dell PowerScale OneFS)
CVE-2026-22279 (same product: Dell PowerScale OneFS)
CVE-2026-21425 (same product: Dell PowerScale OneFS)
CVE-2025-69246 (shared CWE-307)
CVE-2026-6947 (shared CWE-307)
CVE-2025-14362 (shared CWE-307)
CVE-2025-23368 (shared CWE-307)
CVE-2024-57610 (shared CWE-307)
CVE-2026-35597 (shared CWE-307)
