Lucene search
+L

844 matches found

OSV
OSV
added 2021/02/09 10:15 p.m.3 views

CVE-2020-26192

Dell EMC PowerScale OneFS versions 8.2.0 - 9.1.0 contain a privilege escalation vulnerability. A non-admin user with either ISIPRIVLOGINCONSOLE or ISIPRIVLOGINSSH may potentially exploit this vulnerability to read arbitrary data, tamper with system software or deny service to users. Note: no...

7.8CVSS7.2AI score0.00293EPSS
Exploits0References1
OSV
OSV
added 2021/02/09 10:15 p.m.6 views

CVE-2020-26193

Dell EMC PowerScale OneFS versions 8.1.0 - 9.1.0 contain an improper input validation vulnerability. A user with the ISIPRIVCLUSTER privilege may exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable...

7.8CVSS6AI score0.0048EPSS
Exploits0References1
Prion
Prion
added 2021/02/09 10:15 p.m.21 views

Input validation

Dell EMC PowerScale OneFS versions 8.1.0 - 9.1.0 contain an improper input validation vulnerability. A user with the ISIPRIVCLUSTER privilege may exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable...

7.2CVSS7.8AI score0.0048EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/02/09 10:15 p.m.21 views

Design/Logic Flaw

Dell EMC PowerScale OneFS versions 8.1.2 – 9.1.0 contain an issue where the OneFS SMB directory auto-create may erroneously create a directory for a user. A remote unauthenticated attacker may take advantage of this issue to slow down the system...

5CVSS5.5AI score0.01804EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/02/09 9:25 p.m.21 views

CVE-2020-26194

Dell EMC PowerScale OneFS versions 8.1.2 and 8.2.2 contain an Incorrect Permission Assignment for a Critical Resource vulnerability. This may allow a non-admin user with either ISIPRIVLOGINCONSOLE or ISIPRIVLOGINSSH privileges to exploit the vulnerability, leading to compromised cryptographic...

7CVSS7.7AI score0.0025EPSS
Exploits0References1
CVE
CVE
added 2021/02/09 9:25 p.m.59 views

CVE-2020-26192

Dell EMC PowerScale OneFS versions 8.2.0–9.1.0 contain a local privilege-escalation vulnerability. A non-admin user with ISI_PRIV_LOGIN_CONSOLE or ISI_PRIV_LOGIN_SSH could potentially read arbitrary data, tamper with system software, or cause a denial of service. Affected products/versions and pr...

7.8CVSS7.7AI score0.00293EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/02/09 9:25 p.m.24 views

CVE-2020-26193

Dell EMC PowerScale OneFS versions 8.1.0 - 9.1.0 contain an improper input validation vulnerability. A user with the ISIPRIVCLUSTER privilege may exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable...

7.8CVSS7.9AI score0.0048EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2021/02/09 12:0 a.m.5 views

PT-2021-11223 · Dell Emc · Dell Emc Powerscale Onefs

Name of the Vulnerable Software and Affected Versions: Dell EMC PowerScale OneFS versions 8.1.2 through 9.1.0 Description: The issue in Dell EMC PowerScale OneFS allows a remote unauthenticated attacker to potentially slow down the system by exploiting the OneFS SMB directory auto-create feature,...

5.3CVSS5.3AI score0.01804EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/02/09 12:0 a.m.10 views

Dell PowerScale OneFS 授权问题漏洞

Dell Technologies Dell PowerScale OneFS is an operating system from Dell Technologies, USA. PowerScale OneFS operating system that provides horizontal scaling of NAS. An authorization issue vulnerability exists in Dell PowerScale OneFS that stems from ISI PRIV AUTH SSH RBAC privileges for a past...

9.8CVSS7.3AI score0.01412EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/02/09 12:0 a.m.9 views

DELL EMC PowerScale 权限许可和访问控制问题漏洞

Dell EMC PowerScale OneFS is an API-powered file system. An elevation of privilege vulnerability exists in Dell EMC PowerScale OneFS 8.1.0 - 9.1.0. An attacker with the ISIPRIVJOBENGINE privilege could exploit this vulnerability by using a PermissionRepair job to grant themselves the highest leve...

7.8CVSS5.9AI score0.00293EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/02/09 12:0 a.m.12 views

DELL EMC PowerScale 操作系统命令注入漏洞

Dell EMC PowerScale OneFS is an API-powered file system. An OS command injection vulnerability exists in Dell EMC PowerScale OneFS 8.1.0 - 9.1.0. An attacker with the ISIPRIVCLUSTER privilege could exploit this vulnerability to execute arbitrary OS commands on the underlying OS of an application...

7.8CVSS6AI score0.0048EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/02/09 12:0 a.m.9 views

DELL EMC PowerScale 访问控制错误漏洞

Dell EMC PowerScale OneFS is an API-powered file system. An elevation of privilege vulnerability exists in Dell EMC PowerScale OneFS 8.2.0 - 9.1.0. An attacker with the ISIPRIVLOGINCONSOLE or ISIPRIVLOGINSSH privileges could exploit this vulnerability to read arbitrary data, tamper with system...

7.8CVSS5.9AI score0.00293EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/02/09 12:0 a.m.10 views

DELL EMC PowerScale 权限许可和访问控制问题漏洞

Dell EMC PowerScale OneFS is an API-powered file system. Dell EMC PowerScale OneFS 8.1.2, 8.2.2 is vulnerable to privilege permission and access control issues. An attacker with ISIPRIVLOGINCONSOLE or ISIPRIVLOGINSSH privileges could exploit this vulnerability to corrupt cryptographic operations...

7.8CVSS7.1AI score0.0025EPSS
Exploits0References1
OSV
OSV
added 2021/01/05 10:15 p.m.8 views

CVE-2020-26181

Dell EMC Isilon OneFS versions 8.1 and later and Dell EMC PowerScale OneFS version 9.0.0 contain a privilege escalation vulnerability on a SmartLock Compliance mode cluster. The compadmin user connecting using ISI PRIV LOGIN SSH or ISI PRIV LOGIN CONSOLE can elevate privileges to the root user if...

7.8CVSS7.1AI score0.00254EPSS
Exploits0References1
CVE
CVE
added 2021/01/05 9:40 p.m.72 views

CVE-2020-26181

Dell EMC Isilon OneFS (8.1+) and Dell EMC PowerScale OneFS (9.0.0) expose a local privilege-escalation in SmartLock Compliance mode clusters. The compadmin user who can authenticate via ISI PRIV LOGIN SSH or ISI PRIV LOGIN CONSOLE can elevate to root if they possess ISI PRIV HARDENING privileges....

7.8CVSS7.8AI score0.00254EPSS
Exploits0References1Affected Software2
CNNVD
CNNVD
added 2021/01/05 12:0 a.m.11 views

Dell EMC Isilon OneFS 和 Dell EMC PowerScale 安全漏洞

Dell EMC Isilon OneFS and Dell EMC PowerScale OneFS are both a set of horizontally scalable storage systems for unstructured data from Dell USA. A security vulnerability exists in Dell EMC Isilon OneFS version 8.1 and later and Dell EMC PowerScale OneFS version 9.0.0, which originates from a...

7.8CVSS7.1AI score0.00254EPSS
Exploits0References2
CNVD
CNVD
added 2020/09/03 12:0 a.m.4 views

Dell EMC Isilon OneFS and EMC PowerScale OneFS Elevation of Privilege Vulnerabilities

Dell EMC Isilon OneFS and EMC PowerScale OneFS are both horizontally scalable storage systems for unstructured data from Dell, USA. An elevation of privilege vulnerability exists in Dell EMC Isilon OneFS versions prior to 8.2.2 and Dell EMC PowerScale OneFS version 9.0.0, which could be exploited...

8.8CVSS7.1AI score0.01214EPSS
Exploits0References1
NVD
NVD
added 2020/09/02 9:15 p.m.27 views

CVE-2020-5369

Dell EMC Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 contain a privilege escalation vulnerability. An authenticated malicious user may exploit this vulnerability by using SyncIQ to gain unauthorized access to system management files...

8.8CVSS8.9AI score0.01214EPSS
Exploits0References1
OSV
OSV
added 2020/09/02 9:15 p.m.4 views

CVE-2020-5369

Dell EMC Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 contain a privilege escalation vulnerability. An authenticated malicious user may exploit this vulnerability by using SyncIQ to gain unauthorized access to system management files...

8.8CVSS7.3AI score0.01214EPSS
Exploits0References1
Prion
Prion
added 2020/09/02 9:15 p.m.20 views

Privilege escalation

Dell EMC Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 contain a privilege escalation vulnerability. An authenticated malicious user may exploit this vulnerability by using SyncIQ to gain unauthorized access to system management files...

6.5CVSS8.8AI score0.01214EPSS
Exploits0References1Affected Software2
Rows per page
Query Builder