Emc Powerscale Onefs Security Vulnerabilities and Issues — Emc Powerscale Onefs CVE List

Lucene search

DellEmc Powerscale Onefs

16 matches found

CVE•added 2021/08/16 10:15 p.m.•80 views

CVE-2021-21599

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.1.x contain an OS command injection vulnerability. This may allow a user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE to escalate privileges and escape the compliance guarantees. This only impacts Smartlock WORM compliance mode clusters as a criti...

6.7CVSS6.9AI score0.00297EPSS

CVE•added 2022/04/12 6:15 p.m.•70 views

CVE-2022-22550

Dell PowerScale OneFS, versions 8.2.2 and above, contain a password disclosure vulnerability. An unprivileged local attacker could potentially exploit this vulnerability, leading to account take over.

6.7CVSS6.4AI score0.00036EPSS

CVE•added 2021/08/16 10:15 p.m.•67 views

CVE-2021-21595

Dell EMC PowerScale OneFS versions 8.2.x - 9.1.1.x contain an improper neutralization of special elements used in an OS command. This vulnerability could allow the compadmin user to elevate privileges. This only impacts Smartlock WORM compliance mode clusters as a critical vulnerability and Dell re...

6.7CVSS6.4AI score0.00186EPSS

CVE•added 2022/04/12 6:15 p.m.•67 views

CVE-2022-23159

Dell PowerScale OneFS, 8.2.2 - 9.3.0.x, contain a missing release of memory after effective lifetime vulnerability. An authenticated user with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE and ISI_PRIV_AUTH_PROVIDERS privileges could exploit this vulnerability, leading to a Denial-Of-Service. Th...

6.5CVSS6.3AI score0.00201EPSS

CVE•added 2021/08/16 10:15 p.m.•64 views

CVE-2021-21592

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x improperly handle an exceptional condition. A remote low privileged user could potentially exploit this vulnerability, leading to unauthorized information disclosure.

6.5CVSS6.1AI score0.00215EPSS

CVE•added 2022/10/21 6:15 p.m.•55 views

CVE-2022-34438

Dell PowerScale OneFS, versions 8.2.x-9.4.0.x, contain a privilege context switching error. A local authenticated malicious user with high privileges could potentially exploit this vulnerability, leading to full system compromise. This impacts compliance mode clusters.

6.7CVSS6.2AI score0.00044EPSS

CVE•added 2022/10/21 6:15 p.m.•52 views

CVE-2022-31239

Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, and 9.3.0.6, contain sensitive data in log files vulnerability. A privileged local user may potentially exploit this vulnerability, leading to disclosure of this sensitive data.

6.7CVSS4.5AI score0.00119EPSS

CVE•added 2022/08/22 5:15 p.m.•45 views

CVE-2022-32480

Dell PowerScale OneFS, versions 9.0.0, up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an insecure default initialization of a resource vulnerability. A remote authenticated attacker may potentially exploit this vulnerability, leading to information disclosure.

6.5CVSS6AI score0.00156EPSS

CVE•added 2023/04/04 11:15 a.m.•45 views

CVE-2023-25942

Dell PowerScale OneFS versions 8.2.x-9.4.x contain an uncontrolled resource consumption vulnerability. A malicious network user with low privileges could potentially exploit this vulnerability in SMB, leading to a potential denial of service.

6.5CVSS6.3AI score0.00227EPSS

CVE•added 2022/10/21 6:15 p.m.•44 views

CVE-2022-34437

Dell PowerScale OneFS, versions 8.2.2-9.3.0, contain an OS command injection vulnerability. A privileged local malicious user could potentially exploit this vulnerability, leading to a full system compromise. This impacts compliance mode clusters.

6.7CVSS6.5AI score0.00111EPSS

CVE•added 2021/11/12 11:15 p.m.•42 views

CVE-2021-36305

Dell PowerScale OneFS contains an Unsynchronized Access to Shared Data in a Multithreaded Context in SMB CA handling. An authenticated user of SMB on a cluster with CA could potentially exploit this vulnerability, leading to a denial of service over SMB.

6.5CVSS6.3AI score0.00237EPSS

CVE•added 2023/02/01 6:15 a.m.•36 views

CVE-2022-45098

Dell PowerScale OneFS, 9.0.0.x-9.4.0.x, contain a cleartext storage of sensitive information vulnerability in S3 component. An authenticated local attacker could potentially exploit this vulnerability, leading to information disclosure.

6.1CVSS5AI score0.00024EPSS

CVE•added 2021/08/03 12:15 a.m.•35 views

CVE-2021-21563

Dell EMC PowerScale OneFS versions 8.1.2-9.1.0.x contain an Improper Check for Unusual or Exceptional Conditions in its auditing component.This can lead to an authenticated user with low-privileges to trigger a denial of service event.

6.5CVSS6.3AI score0.00237EPSS

CVE•added 2023/02/01 5:15 a.m.•33 views

CVE-2022-45095

Dell PowerScale OneFS, 8.2.x-9.4.x, contain a command injection vulnerability. An authenticated user having access local shell and having the privilege to gather logs from the cluster could potentially exploit this vulnerability, leading to execute arbitrary commands, denial of service, information...

6.7CVSS7AI score0.00068EPSS

CVE•added 2023/02/01 5:15 a.m.•32 views

CVE-2022-45096

Dell PowerScale OneFS, 8.2.0 through 9.3.0, contain an User Interface Security Issue. An unauthenticated remote user could unintentionally lead an administrator to enable this vulnerability, leading to disclosure of information.

6.5CVSS6.4AI score0.00249EPSS

CVE•added 2023/02/10 10:15 a.m.•28 views

CVE-2022-34454

Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a heap-based buffer overflow. A local privileged malicious user could potentially exploit this vulnerability, leading to system takeover. This impacts compliance mode clusters.

6.7CVSS6.3AI score0.00066EPSS