CVE-2024-25954

Dell PowerScale OneFS, versions 9.5.0.x through 9.7.0.x, contain an insufficient session expiration vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service...

CVE-2024-25952

Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an UNIX symbolic link symlink following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to denial of service, information tampering...

CVE-2024-25954

Dell PowerScale OneFS (versions 9.5.0.x–9.7.0.x) contains an insufficient session expiration vulnerability that can be exploited remotely by an unauthenticated attacker to cause a denial of service. Evidence from multiple sources confirms the affected product and impact; the CVSS base metrics ind...

CVE-2024-25953

Dell PowerScale OneFS vulnerable to a local symbolik link (symlink) following issue in versions 9.4.0.x–9.7.0.x. Root cause: tracking/handling of UNIX symbolic links allows a highly privileged, local attacker to cause DoS and tamper with data (integrity) and DoS (availability). Impact per sources...

CVE-2024-25952

Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an UNIX symbolic link symlink following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to denial of service, information tampering...

CVE-2024-25961

Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an improper privilege management vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to escalation of privileges...

PT-2024-2506 · Dell · Powerscale Onefs

Name of the Vulnerable Software and Affected Versions: Dell PowerScale OneFS versions 9.4.0.x through 9.7.0.x Description: The issue is related to the tracking of symbolic links in the PowerScale OneFS operating system. Exploitation of this issue may allow an attacker to cause a denial of service...