Lucene search
DellCVE-2023-32494HistoryAug 16, 2023 - 1:15 p.m.
CVE-2023-32494
2023-08-1613:15:10
CWE-274
dell
web.nvd.nist.gov
24
cve-2023-32494
dell powerscale onefs
vulnerability
elevation of privilege
compliance mode
nvd
CVSS3
6.7
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
5.1%
Dell PowerScale OneFS, 8.0.x-9.5.x, contains an improper handling of insufficient privileges vulnerability. A local privileged attacker could potentially exploit this vulnerability, leading to elevation of privilege and affect in compliance mode also.
Affected configurations
Node
dellpowerscale_onefsRange9.2.1.0–9.2.1.22
ORdellpowerscale_onefsRange9.4.0.0–9.4.0.13
ORdellpowerscale_onefsRange9.5.0.0–9.5.0.3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| dell | powerscale_onefs | * | cpe:2.3:a:dell:powerscale_onefs:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "PowerScale OneFS",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "Version 9.2.1.0 through 9.2.1.22 , Version 9.4.0.0 through 9.4.0.13, Version 9.5.0.0 through 9.5.0.3"
}
]
}
]Related
cnvd
cnvd
Dell PowerScale OneFS elevation of privilege vulnerability (CNVD-2023-65220)
2023-08-18 00:00:00
nvd
nvd
CVE-2023-32494
2023-08-16 13:15:10
cvelist
cvelist
CVE-2023-32494
2023-08-16 12:56:09
prion
prion
Input validation
2023-08-16 13:15:00
CVSS3
6.7
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
5.1%
Related for CVE-2023-32494