Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2025/04/12 2:22 a.m.31 views

CVE-2025-26330

Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.1, contains an incorrect authorization vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability to access the cluster with previous privileges of a disabled user account...

7CVSS6.8AI score0.00149EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/04/10 2:10 a.m.8 views

CVE-2025-26330

Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.1, contains an incorrect authorization vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability to access the cluster with previous privileges of a disabled user account...

7CVSS6.7AI score0.00149EPSS
Exploits0References1
CVE
CVE
added 2025/04/10 2:10 a.m.70 views

CVE-2025-26330

Dell PowerScale OneFS, versions 9.4.0.0–9.10.0.1, contains an authorization logic error where an unauthenticated, locally-present attacker could access cluster resources with the historical privileges of a disabled account. Root cause described as incorrect authorization/disabled-state verificati...

7CVSS6.8AI score0.00149EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2022/10/29 12:0 a.m.24 views

CVE-2022-44023

PwnDoc through 0.5.3 might allow remote attackers to identify disabled user account names by leveraging response messages for authentication attempts...

5.3CVSS7.2AI score0.00746EPSS
Exploits1References4
CVE
CVE
added 2021/02/09 2:8 p.m.66 views

CVE-2021-26921

CVE-2021-26921 affects Argo CD before 1.8.4, from the util/session/sessionmanager.go code. The root issue allows tokens to remain valid after the associated user account is disabled, enabling continued token authentication despite deactivation. The impact is described across multiple sources (e.g...

6.5CVSS6.3AI score0.01271EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2012/07/31 10:45 a.m.12 views

CVE-2012-3426

OpenStack Keystone before 2012.1.1, as used in OpenStack Folsom before Folsom-1 and OpenStack Essex, does not properly implement token expiration, which allows remote authenticated users to bypass intended authorization restrictions by 1 creating new tokens through token chaining, 2 leveraging...

6.1AI score
Exploits0References16
Rows per page
Query Builder