Emc Powerscale Onefs Security Vulnerabilities and Issues — Emc Powerscale Onefs CVE List

Lucene search

DellEmc Powerscale Onefs

9 matches found

CVE•added 2022/04/08 8:15 p.m.•78 views

CVE-2022-26852

Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a predictable seed in pseudo-random number generator. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to an account compromise.

9.8CVSS9.3AI score0.01429EPSS

CVE•added 2022/04/08 8:15 p.m.•73 views

CVE-2022-26851

Dell PowerScale OneFS, 8.2.2-9.3.x, contains a predictable file name from observable state vulnerability. An unprivileged network attacker could potentially exploit this vulnerability, leading to data loss.

9.1CVSS9AI score0.00389EPSS

CVE•added 2022/04/12 6:15 p.m.•70 views

CVE-2022-22561

Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contain an improper restriction of excessive authentication attempts. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to compromised accounts.

9.8CVSS9.5AI score0.00883EPSS

CVE•added 2023/02/01 5:15 a.m.•50 views

CVE-2022-45101

Dell PowerScale OneFS 9.0.0.x - 9.4.0.x, contains an Improper Handling of Insufficient Privileges vulnerability in NFS. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure and remote execution.

9.8CVSS9AI score0.02199EPSS

CVE•added 2021/02/09 10:15 p.m.•48 views

CVE-2021-21502

Dell PowerScale OneFS versions 8.1.0 – 9.1.0 contain a "use of SSH key past account expiration" vulnerability. A user on the network with the ISI_PRIV_AUTH_SSH RBAC privilege that has an expired account may potentially exploit this vulnerability, giving them access to the same things they had befor...

9.8CVSS9AI score0.00272EPSS

CVE•added 2021/07/29 4:15 p.m.•47 views

CVE-2020-5353

The Dell Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 default configuration for Network File System (NFS) allows access to an 'admin' home directory. An attacker may leverage a spoofed Unique Identifier (UID) over NFS to rewrite sensitive files to gain adminis...

9CVSS8.7AI score0.00336EPSS

CVE•added 2022/09/02 6:15 p.m.•39 views

CVE-2022-34371

Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.3, contain an unprotected transport of credentials vulnerability. A malicious unprivileged network attacker could potentially exploit this vulnerability, leading to full system compromise.

9.8CVSS9.3AI score0.00256EPSS

CVE•added 2023/02/01 6:15 a.m.•35 views

CVE-2022-45100

Dell PowerScale OneFS, versions 8.2.x-9.3.x, contains an Improper Certificate Validation vulnerability. An remote unauthenticated attacker could potentially exploit this vulnerability, leading to a full compromise of the system.

9.8CVSS9.4AI score0.00453EPSS

CVE•added 2021/04/20 5:15 p.m.•33 views

CVE-2020-26197

Dell PowerScale OneFS 8.1.0 - 9.1.0 contains an LDAP Provider inability to connect over TLSv1.2 vulnerability. It may make it easier to eavesdrop and decrypt such traffic for a malicious actor. Note: This does not affect clusters which are not relying on an LDAP server for the authentication provid...

9.1CVSS9.2AI score0.00164EPSS