Emc Powerscale Onefs@* Security Vulnerabilities and Issues — Emc Powerscale Onefs@* CVE List

Lucene search

DellEmc Powerscale Onefs*

10 matches found

CVE•added 2021/08/16 10:15 p.m.•80 views

CVE-2021-21599

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.1.x contain an OS command injection vulnerability. This may allow a user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE to escalate privileges and escape the compliance guarantees. This only impacts Smartlock WORM compliance mode clusters as a criti...

6.7CVSS6.9AI score0.00297EPSS

CVE•added 2021/08/16 10:15 p.m.•73 views

CVE-2021-36278

Dell EMC PowerScale OneFS versions 8.2.x, 9.1.0.x, and 9.1.1.1 contain a sensitive information exposure vulnerability in log files. A local malicious user with ISI_PRIV_LOGIN_SSH, ISI_PRIV_LOGIN_CONSOLE, or ISI_PRIV_SYS_SUPPORT privileges may exploit this vulnerability to access sensitive informati...

8.1CVSS5.2AI score0.00187EPSS

CVE•added 2021/08/16 10:15 p.m.•69 views

CVE-2021-21568

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an insufficient logging vulnerability. An authenticated user with ISI_PRIV_LOGIN_PAPI could make un-audited and un-trackable configuration changes to settings that their roles have privileges to change.

4.3CVSS4.5AI score0.00209EPSS

CVE•added 2021/08/16 10:15 p.m.•67 views

CVE-2021-21595

Dell EMC PowerScale OneFS versions 8.2.x - 9.1.1.x contain an improper neutralization of special elements used in an OS command. This vulnerability could allow the compadmin user to elevate privileges. This only impacts Smartlock WORM compliance mode clusters as a critical vulnerability and Dell re...

6.7CVSS6.4AI score0.00186EPSS

CVE•added 2021/08/16 10:15 p.m.•66 views

CVE-2021-36280

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment for critical resource vulnerability. This could allow a user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE to access privileged information about the cluster.

7.8CVSS5.2AI score0.00047EPSS

CVE•added 2021/08/16 10:15 p.m.•66 views

CVE-2021-36282

Dell EMC PowerScale OneFS versions 8.2.x - 9.1.0.x contain a use of uninitialized resource vulnerability. This can potentially allow an authenticated user with ISI_PRIV_LOGIN_CONSOLE or ISI_PRIV_LOGIN_SSH privileges to gain access up to 24 bytes of data within the /ifs kernel stack under certain co...

3.3CVSS4.2AI score0.00054EPSS

CVE•added 2021/08/16 10:15 p.m.•64 views

CVE-2021-21592

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x improperly handle an exceptional condition. A remote low privileged user could potentially exploit this vulnerability, leading to unauthorized information disclosure.

6.5CVSS6.1AI score0.00215EPSS

CVE•added 2021/08/16 10:15 p.m.•62 views

CVE-2021-36281

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment vulnerability. A low privileged authenticated user can potentially exploit this vulnerability to escalate privileges.

8.8CVSS8.5AI score0.00396EPSS

CVE•added 2021/08/16 10:15 p.m.•61 views

CVE-2021-36279

7.8CVSS7.3AI score0.00038EPSS

CVE•added 2021/08/16 10:15 p.m.•59 views

CVE-2021-21594

Dell PowerScale OneFS versions 8.2.2 - 9.1.0.x contain a use of get request method with sensitive query strings vulnerability. It can lead to potential disclosure of sensitive data. Dell recommends upgrading at your earliest opportunity.

8.2CVSS5.1AI score0.00257EPSS