CVE-2024-25953

Dell PowerScale OneFS vulnerable to a local symbolik link (symlink) following issue in versions 9.4.0.x–9.7.0.x. Root cause: tracking/handling of UNIX symbolic links allows a highly privileged, local attacker to cause DoS and tamper with data (integrity) and DoS (availability). Impact per sources...

CVE-2024-25952

Dell PowerScale OneFS is affected by a local, high-privilege symbolic link (symlink) following vulnerability in versions 8.2.2.x through 9.7.0.x. The issue allows a local attacker with high privileges to potentially cause denial of service and tamper with information. Exploitation details are not...

CVE-2024-25952

Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an UNIX symbolic link symlink following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to denial of service, information tampering...

CVE-2024-25952

Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an UNIX symbolic link symlink following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to denial of service, information tampering...

CVE-2024-25961

Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an improper privilege management vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to escalation of privileges...

CVE-2024-25961

Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an improper privilege management vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to escalation of privileges...

CVE-2024-25959

Dell PowerScale OneFS versions 9.4.0.x through 9.7.0.x contains an insertion of sensitive information into log file vulnerability. A low privileged local attacker could potentially exploit this vulnerability, leading to sensitive information disclosure, escalation of privileges...

CVE-2024-25959

Dell PowerScale OneFS versions 9.4.0.x through 9.7.0.x contains an insertion of sensitive information into log file vulnerability. A low privileged local attacker could potentially exploit this vulnerability, leading to sensitive information disclosure, escalation of privileges...

CVE-2024-25960

CVE-2024-25960 affects Dell PowerScale OneFS versions 8.2.2.x–9.7.0.x, where a cleartext transmission of sensitive information is possible. The root cause is plaintext data exposure enabling a local, low-privilege attacker to escalate privileges. Affected component: PowerScale OneFS operating sys...

CVE-2024-25960

Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains a cleartext transmission of sensitive information vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to escalation of privileges...

CVE-2024-25960

Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains a cleartext transmission of sensitive information vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to escalation of privileges...

CVE-2024-25961

Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an improper privilege management vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to escalation of privileges...

CVE-2024-25961

CVE-2024-25961 concerns Dell PowerScale OneFS, a Dell NAS operating system. Affected versions are 8.2.2.x through 9.7.0.x, where an improper privilege management vulnerability could allow a local, high-privilege attacker to escalate privileges (local escalation). The impact is described as privil...

CVE-2024-25961

Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an improper privilege management vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to escalation of privileges...

CVE-2024-25959

Summary: CVE-2024-25959 affects Dell PowerScale OneFS 9.4.0.x–9.7.0.x, where sensitive information can be inserted into log files, enabling a low-privileged local attacker to disclose data and potentially escalate privileges. The root cause is a log information disclosure vulnerability in OneFS. ...

CVE-2024-25959

Dell PowerScale OneFS versions 9.4.0.x through 9.7.0.x contains an insertion of sensitive information into log file vulnerability. A low privileged local attacker could potentially exploit this vulnerability, leading to sensitive information disclosure, escalation of privileges...

CVE-2024-25959

Dell PowerScale OneFS versions 9.4.0.x through 9.7.0.x contains an insertion of sensitive information into log file vulnerability. A low privileged local attacker could potentially exploit this vulnerability, leading to sensitive information disclosure, escalation of privileges...

PT-2024-2504 · Dell · Powerscale Onefs

Name of the Vulnerable Software and Affected Versions: Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x Description: The issue is related to the tracking of symbolic links in the PowerScale OneFS operating system. Exploitation of this issue may allow an attacker to cause a denial of service...

Dell PowerScale OneFS 日志信息泄露漏洞

Dell PowerScale OneFS is an operating system from Dell USA. PowerScale OneFS operating system that provides horizontal scaling of NAS. Dell PowerScale OneFS suffers from a log information disclosure vulnerability that originates from the presence of sensitive information in log files, which can b...

PT-2024-2506 · Dell · Powerscale Onefs

Name of the Vulnerable Software and Affected Versions: Dell PowerScale OneFS versions 9.4.0.x through 9.7.0.x Description: The issue is related to the tracking of symbolic links in the PowerScale OneFS operating system. Exploitation of this issue may allow an attacker to cause a denial of service...