CVE-2022-24411

Dell PowerScale OneFS 8.2.2 and above contain an elevation of privilege vulnerability. A local attacker with ISIPRIVLOGINSSH and/or ISIPRIVLOGINCONSOLE could potentially exploit this vulnerability, leading to elevation of privilege. This could potentially allow users to circumvent PowerScale...

Privilege escalation

Dell PowerScale OneFS 8.2.2 and above contain an elevation of privilege vulnerability. A local attacker with ISIPRIVLOGINSSH and/or ISIPRIVLOGINCONSOLE could potentially exploit this vulnerability, leading to elevation of privilege. This could potentially allow users to circumvent PowerScale...

CVE-2022-24411

Dell PowerScale OneFS 8.2.2 and above contain an elevation of privilege vulnerability. A local attacker with ISIPRIVLOGINSSH and/or ISIPRIVLOGINCONSOLE could potentially exploit this vulnerability, leading to elevation of privilege. This could potentially allow users to circumvent PowerScale...

Code injection

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment for critical resource vulnerability. This could allow a user with ISIPRIVLOGINSSH or ISIPRIVLOGINCONSOLE to access privileged information about the cluster...

Design/Logic Flaw

Dell EMC PowerScale OneFS versions 8.2.x - 9.1.0.x contain a use of uninitialized resource vulnerability. This can potentially allow an authenticated user with ISIPRIVLOGINCONSOLE or ISIPRIVLOGINSSH privileges to gain access up to 24 bytes of data within the /ifs kernel stack under certain...

CVE-2021-36282

Dell EMC PowerScale OneFS (versions 8.2.x–9.1.0.x) is affected by a use of uninitialized resource vulnerability. The issue could allow an authenticated user with ISI_PRIV_LOGIN_CONSOLE or ISI_PRIV_LOGIN_SSH privileges to read up to 24 bytes of data from the /ifs kernel stack under certain conditi...

Dell PowerScale OneFS Access Control Error Vulnerability

Dell PowerScale OneFS is an operating system from Dell, Inc. PowerScale OneFS operating system that provides a horizontally scalable NAS. Dell PowerScale OneFS has an access control error vulnerability in 9.1.0.x. The vulnerability stems from a network system or product that does not properly...

CVE-2021-21567

Dell PowerScale OneFS 9.1.0.x contains an improper privilege management vulnerability. It may allow an authenticated user with ISIPRIVLOGINSSH and/or ISIPRIVLOGINCONSOLE to elevate privilege...

Privilege escalation

Dell PowerScale OneFS 9.1.0.x contains an improper privilege management vulnerability. It may allow an authenticated user with ISIPRIVLOGINSSH and/or ISIPRIVLOGINCONSOLE to elevate privilege...

CVE-2021-21562

Dell EMC PowerScale OneFS is affected by CVE-2021-21562, described as an untrusted search path vulnerability that could let a user with specific privileges cause execution of resources outside the application’s control. The vulnerability affects OneFS and is associated with local access, with par...

CVE-2020-26192

Dell EMC PowerScale OneFS versions 8.2.0 - 9.1.0 contain a privilege escalation vulnerability. A non-admin user with either ISIPRIVLOGINCONSOLE or ISIPRIVLOGINSSH may potentially exploit this vulnerability to read arbitrary data, tamper with system software or deny service to users. Note: no...

Design/Logic Flaw

Dell EMC PowerScale OneFS versions 8.1.2 and 8.2.2 contain an Incorrect Permission Assignment for a Critical Resource vulnerability. This may allow a non-admin user with either ISIPRIVLOGINCONSOLE or ISIPRIVLOGINSSH privileges to exploit the vulnerability, leading to compromised cryptographic...

Privilege escalation

Dell EMC PowerScale OneFS versions 8.2.0 - 9.1.0 contain a privilege escalation vulnerability. A non-admin user with either ISIPRIVLOGINCONSOLE or ISIPRIVLOGINSSH may potentially exploit this vulnerability to read arbitrary data, tamper with system software or deny service to users. Note: no...

CVE-2020-26194

Dell EMC PowerScale OneFS versions 8.1.2 and 8.2.2 are affected by CVE-2020-26194, an Incorrect Permission Assignment for a Critical Resource vulnerability. A non-admin user with ISI_PRIV_LOGIN_CONSOLE or ISI_PRIV_LOGIN_SSH privileges could potentially exploit the issue to cause compromised crypt...

CVE-2020-26192

Dell EMC PowerScale OneFS versions 8.2.0 - 9.1.0 contain a privilege escalation vulnerability. A non-admin user with either ISIPRIVLOGINCONSOLE or ISIPRIVLOGINSSH may potentially exploit this vulnerability to read arbitrary data, tamper with system software or deny service to users. Note: no...

CVE-2020-26192

Dell EMC PowerScale OneFS versions 8.2.0–9.1.0 contain a local privilege-escalation vulnerability. A non-admin user with ISI_PRIV_LOGIN_CONSOLE or ISI_PRIV_LOGIN_SSH could potentially read arbitrary data, tamper with system software, or cause a denial of service. Affected products/versions and pr...