Total
82 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-22562 | 1 Dell | 1 Emc Powerscale Onefs | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| Dell PowerScale OneFS, versions 8.2.0-9.3.0, contain a improper handling of missing values exploit. An unauthenticated network attacker could potentially exploit this denial-of-service vulnerability. | |||||
| CVE-2022-26852 | 1 Dell | 1 Emc Powerscale Onefs | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a predictable seed in pseudo-random number generator. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to an account compromise. | |||||
| CVE-2022-23160 | 1 Dell | 1 Emc Powerscale Onefs | 2023-12-10 | 4.0 MEDIUM | 4.3 MEDIUM |
| Dell PowerScale OneFS, versions 8.2.0-9.3.0, contains an Improper Handling of Insufficient Permissions vulnerability. An remote malicious user could potentially exploit this vulnerability, leading to gaining write permissions on read-only files. | |||||
| CVE-2022-22559 | 1 Dell | 1 Emc Powerscale Onefs | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| Dell PowerScale OneFS, version 9.3.0, contains a use of a broken or risky cryptographic algorithm. An unprivileged network attacker could exploit this vulnerability, leading to the potential for information disclosure. | |||||
| CVE-2022-22560 | 1 Dell | 1 Emc Powerscale Onefs | 2023-12-10 | 4.9 MEDIUM | 5.5 MEDIUM |
| Dell EMC PowerScale OneFS 8.1.x - 9.1.x contain hard coded credentials. This allows a local user with knowledge of the credentials to login as the admin user to the backend ethernet switch of a PowerScale cluster. The attacker can exploit this vulnerability to take the switch offline. | |||||
| CVE-2022-23161 | 1 Dell | 1 Emc Powerscale Onefs | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| Dell PowerScale OneFS versions 8.2.x - 9.3.0.x contain a denial-of-service vulnerability in SmartConnect. An unprivileged network attacker may potentially exploit this vulnerability, leading to denial-of-service. | |||||
| CVE-2022-24428 | 1 Dell | 1 Emc Powerscale Onefs | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
| Dell PowerScale OneFS, versions 8.2.x, 9.0.0.x, 9.1.0.x, 9.2.0.x, 9.2.1.x, and 9.3.0.x, contain an improper preservation of privileges. A remote filesystem user with a local account could potentially exploit this vulnerability, leading to an escalation of file privileges and information disclosure. | |||||
| CVE-2022-24413 | 1 Dell | 1 Emc Powerscale Onefs | 2023-12-10 | 3.3 LOW | 3.6 LOW |
| Dell PowerScale OneFS, versions 8.2.2-9.3.x, contain a time-of-check-to-time-of-use vulnerability. A local user with access to the filesystem could potentially exploit this vulnerability, leading to data loss. | |||||
| CVE-2022-26854 | 1 Dell | 1 Emc Powerscale Onefs | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain risky cryptographic algorithms. A remote unprivileged malicious attacker could potentially exploit this vulnerability, leading to full system access | |||||
| CVE-2021-36305 | 1 Dell | 1 Emc Powerscale Onefs | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
| Dell PowerScale OneFS contains an Unsynchronized Access to Shared Data in a Multithreaded Context in SMB CA handling. An authenticated user of SMB on a cluster with CA could potentially exploit this vulnerability, leading to a denial of service over SMB. | |||||
| CVE-2021-21528 | 1 Dell | 1 Emc Powerscale Onefs | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| Dell EMC PowerScale OneFS versions 9.1.0, 9.2.0.x, 9.2.1.x contain an Exposure of Information through Directory Listing vulnerability. This vulnerability is triggered when upgrading from a previous versions. | |||||
| CVE-2021-21561 | 1 Dell | 1 Emc Powerscale Onefs | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
| Dell PowerScale OneFS version 8.1.2 contains a sensitive information exposure vulnerability. This would allow a malicious user with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE privileges to gain access to sensitive information in the log files. | |||||
| CVE-2021-21563 | 1 Dell | 1 Emc Powerscale Onefs | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
| Dell EMC PowerScale OneFS versions 8.1.2-9.1.0.x contain an Improper Check for Unusual or Exceptional Conditions in its auditing component.This can lead to an authenticated user with low-privileges to trigger a denial of service event. | |||||
| CVE-2021-21592 | 1 Dell | 1 Emc Powerscale Onefs | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
| Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x improperly handle an exceptional condition. A remote low privileged user could potentially exploit this vulnerability, leading to unauthorized information disclosure. | |||||
| CVE-2021-21594 | 1 Dell | 1 Emc Powerscale Onefs | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
| Dell PowerScale OneFS versions 8.2.2 - 9.1.0.x contain a use of get request method with sensitive query strings vulnerability. It can lead to potential disclosure of sensitive data. Dell recommends upgrading at your earliest opportunity. | |||||
| CVE-2021-36280 | 1 Dell | 1 Emc Powerscale Onefs | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
| Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment for critical resource vulnerability. This could allow a user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE to access privileged information about the cluster. | |||||
| CVE-2021-21527 | 1 Dell | 1 Emc Powerscale Onefs | 2023-12-10 | 7.2 HIGH | 6.7 MEDIUM |
| Dell PowerScale OneFS 8.1.0-9.1.0 contain an improper neutralization of special elements used in an OS command vulnerability. This vulnerability may allow an authenticated user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE privileges to escalate privileges. | |||||
| CVE-2021-36281 | 1 Dell | 1 Emc Powerscale Onefs | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
| Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment vulnerability. A low privileged authenticated user can potentially exploit this vulnerability to escalate privileges. | |||||
| CVE-2020-5353 | 1 Dell | 2 Emc Isilon Onefs, Emc Powerscale Onefs | 2023-12-10 | 9.0 HIGH | 8.8 HIGH |
| The Dell Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 default configuration for Network File System (NFS) allows access to an 'admin' home directory. An attacker may leverage a spoofed Unique Identifier (UID) over NFS to rewrite sensitive files to gain administrative access to the system. | |||||
| CVE-2021-36278 | 1 Dell | 1 Emc Powerscale Onefs | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
| Dell EMC PowerScale OneFS versions 8.2.x, 9.1.0.x, and 9.1.1.1 contain a sensitive information exposure vulnerability in log files. A local malicious user with ISI_PRIV_LOGIN_SSH, ISI_PRIV_LOGIN_CONSOLE, or ISI_PRIV_SYS_SUPPORT privileges may exploit this vulnerability to access sensitive information. If any third-party consumes those logs, the same sensitive information is available to those systems as well. | |||||