Lucene search
HistoryAug 16, 2023 - 1:15 p.m.
CVE-2023-32494
dell powerscale
privilege
vulnerability
elevation of privilege
compliance mode
CVSS3
6.7
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
5.1%
Dell PowerScale OneFS, 8.0.x-9.5.x, contains an improper handling of insufficient privileges vulnerability. A local privileged attacker could potentially exploit this vulnerability, leading to elevation of privilege and affect in compliance mode also.
Affected configurations
Node
dellpowerscale_onefsRange9.2.1.0–9.2.1.22
ORdellpowerscale_onefsRange9.4.0.0–9.4.0.13
ORdellpowerscale_onefsRange9.5.0.0–9.5.0.3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| dell | powerscale_onefs | * | cpe:2.3:a:dell:powerscale_onefs:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2023-32494
2023-08-16 12:56:09
prion
prion
Input validation
2023-08-16 13:15:00
cnvd
cnvd
Dell PowerScale OneFS elevation of privilege vulnerability (CNVD-2023-65220)
2023-08-18 00:00:00
cve
cve
CVE-2023-32494
2023-08-16 13:15:10
CVSS3
6.7
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
5.1%
Related for NVD:CVE-2023-32494