Lucene search
K
DellPowerscale Onefs

93 matches found

CVE
CVE
added 2025/04/10 2:4 a.m.108 views

CVE-2025-27690

Dell PowerScale OneFS contains a default-password vulnerability affecting versions 9.5.0.0–9.10.1.0. An unauthenticated remote attacker could potentially take over a high-privilege account due to use of default credentials. The issue is documented with a CVSSv3.1 base score of 9.8 (CRITICAL) and ...

9.8CVSS7.2AI score0.00454EPSS
CVE
CVE
added 2024/03/28 6:27 p.m.92 views

CVE-2024-25953

Dell PowerScale OneFS vulnerable to a local symbolik link (symlink) following issue in versions 9.4.0.x–9.7.0.x. Root cause: tracking/handling of UNIX symbolic links allows a highly privileged, local attacker to cause DoS and tamper with data (integrity) and DoS (availability). Impact per sources...

6CVSS5.6AI score0.0019EPSS
CVE
CVE
added 2025/06/20 1:51 p.m.86 views

CVE-2024-53298

CVE-2024-53298 affects Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.0.1. The issue is a missing authorization vulnerability in the NFS export that could allow an unauthenticated attacker with remote access to read, modify, and delete arbitrary files, leading to unauthorized filesystem acc...

9.8CVSS9.5AI score0.00452EPSS
CVE
CVE
added 2024/03/25 8:13 a.m.85 views

CVE-2024-25964

CVE-2024-25964 affects Dell PowerScale OneFS 9.5.0.x through 9.7.0.x. The issue is described as a covert timing channel vulnerability that could enable a remote, unauthenticated attacker to trigger a denial of service. The available connected sources consistently identify the affected software (P...

7.5CVSS6.9AI score0.00672EPSS
CVE
CVE
added 2024/03/04 1:23 p.m.82 views

CVE-2024-24901

CVE-2024-24901 affects Dell PowerScale OneFS 8.2.x–9.6.0.x with an insufficient logging vulnerability that allows a local high-privilege attacker to cause audit messages to be lost/unrecorded for a period. Root cause: inadequate audit logging coverage. Impact: potential gaps in auditing (low seve...

3CVSS4AI score0.00143EPSS
CVE
CVE
added 2024/03/28 6:0 p.m.81 views

CVE-2024-25961

CVE-2024-25961 concerns Dell PowerScale OneFS, a Dell NAS operating system. Affected versions are 8.2.2.x through 9.7.0.x, where an improper privilege management vulnerability could allow a local, high-privilege attacker to escalate privileges (local escalation). The impact is described as privil...

6.7CVSS6.8AI score0.00158EPSS
CVE
CVE
added 2024/03/04 1:18 p.m.80 views

CVE-2024-22463

Dell PowerScale OneFS versions 8.2.x through 9.6.0.x are affected by a vulnerability described as the use of a broken or risky cryptographic algorithm, which can lead to disclosure and integrity concerns for sensitive data. The issue is triggered by the software’s cryptographic implementation rat...

9.1CVSS7.2AI score0.00283EPSS
CVE
CVE
added 2024/05/14 6:44 a.m.77 views

CVE-2024-25967

CVE-2024-25967 affects Dell PowerScale OneFS versions 8.2.x–9.7.0.1 with an execution flow that grants unnecessary privileges, enabling local attackers with high privileges to escalate rights. The root cause is described as access control issues leading to privilege escalation. Exploitation detai...

6.7CVSS6.8AI score0.00258EPSS
CVE
CVE
added 2024/03/28 6:21 p.m.76 views

CVE-2024-25952

Dell PowerScale OneFS is affected by a local, high-privilege symbolic link (symlink) following vulnerability in versions 8.2.2.x through 9.7.0.x. The issue allows a local attacker with high privileges to potentially cause denial of service and tamper with information. Exploitation details are not...

6CVSS5.6AI score0.0019EPSS
CVE
CVE
added 2022/06/28 6:40 p.m.75 views

CVE-2022-31230

The CVE-2022-31230 entry concerns Dell PowerScale OneFS (versions 8.2.x–9.2.x) with a broken or risky cryptographic algorithm. The vulnerability could allow a remote unprivileged attacker to gain full system access. The issue is documented in NVD and supported by Dell EMC advisory DSA-2022-118. T...

10CVSS9.3AI score0.0059EPSS
CVE
CVE
added 2024/07/02 6:57 a.m.75 views

CVE-2024-32852

CVE-2024-32852 (Dell PowerScale OneFS) affects PowerScale OneFS versions 8.2.2.x through 9.7.0.0, where a broken or risky cryptographic algorithm is used. An unprivileged network attacker could potentially exploit this to cause data leaks. Connected documents (DSA-2024-255, Nessus plugin 277546) ...

7.5CVSS5.7AI score0.00205EPSS
CVE
CVE
added 2022/06/01 2:25 p.m.71 views

CVE-2022-29098

Dell PowerScale OneFS versions 8.2.0.x–9.3.0.x contain a weak password requirement that allows an administrator to create an account with no password, potentially enabling remote user account compromise. This is supported by multiple sources (NVD, CVE record, and vendor references). The risk is d...

8.1CVSS7.5AI score0.00969EPSS
CVE
CVE
added 2023/08/16 1:36 p.m.70 views

CVE-2023-32489

Dell PowerScale OneFS (versions 8.2x–9.5x) is affected by a privilege-escalation vulnerability that a local, highly privileged attacker could exploit to bypass mode protections and gain elevated privileges. The PT-2023-23822 entry mirrors the CVE-2023-32489 details and confirms the affected range...

6.7CVSS6.7AI score0.00162EPSS
CVE
CVE
added 2025/04/10 2:16 a.m.70 views

CVE-2025-22471

CVE-2025-22471 affects Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.1, where an integer overflow or wraparound in an input validation path can be triggered by an unauthenticated, remotely accessible attacker to cause a denial of service. The issue is described in multiple sources as an ...

6.5CVSS7.5AI score0.00338EPSS
CVE
CVE
added 2025/04/10 2:10 a.m.68 views

CVE-2025-26330

Dell PowerScale OneFS, versions 9.4.0.0–9.10.0.1, contains an authorization logic error where an unauthenticated, locally-present attacker could access cluster resources with the historical privileges of a disabled account. Root cause described as incorrect authorization/disabled-state verificati...

7CVSS6.8AI score0.00144EPSS
CVE
CVE
added 2025/05/08 5:40 p.m.68 views

CVE-2025-30102

Dell PowerScale OneFS contains an out-of-bounds write vulnerability affecting versions 9.4.0.0 through 9.10.1.0. The flaw allows a local, low-privileged attacker to trigger a denial of service. Connected sources corroborate the issue across multiple CVE feeds (NVD/Red Hat/CNVD, Nessus) with the s...

5.5CVSS5.4AI score0.00181EPSS
CVE
CVE
added 2022/06/28 6:40 p.m.66 views

CVE-2022-31229

CVE-2022-31229 affects Dell PowerScale OneFS, versions 8.2.x through 9.3.0.x, due to an error message that exposes sensitive information. This leads to potential information disclosure. No exploitation details are provided in the documents. Remediation is available via Dell EMC security update (D...

9.6CVSS4.8AI score0.00713EPSS
CVE
CVE
added 2025/04/10 2:26 a.m.66 views

CVE-2025-23378

CVE-2025-23378 concerns Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.0, and describes an information disclosure due to a directory listing exposure. The root cause is exposure of directory listing information that a low-privileged, locally deployed attacker could leverage to access sens...

3.3CVSS3.6AI score0.00148EPSS
CVE
CVE
added 2025/04/10 2:32 a.m.65 views

CVE-2025-26479

Dell PowerScale OneFS contains an out-of-bounds write vulnerability affecting versions 9.4.0.0 through 9.10.0.0, exploitable via NFS workflows and potentially causing data integrity issues. The issue stems from an application boundary error when processing untrusted input. Public references consi...

3.1CVSS4.1AI score0.00234EPSS
CVE
CVE
added 2025/04/10 2:22 a.m.65 views

CVE-2025-26480

CVE-2025-26480 affects Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.0.0. The issue is an uncontrolled resource consumption that could allow an unauthenticated attacker with remote access to cause a denial of service. A fix is available in later builds; current guidance is to update to a v...

7.5CVSS7.2AI score0.00434EPSS
CVE
CVE
added 2024/03/28 5:49 p.m.64 views

CVE-2024-25959

Summary: CVE-2024-25959 affects Dell PowerScale OneFS 9.4.0.x–9.7.0.x, where sensitive information can be inserted into log files, enabling a low-privileged local attacker to disclose data and potentially escalate privileges. The root cause is a log information disclosure vulnerability in OneFS. ...

7.9CVSS7.5AI score0.00161EPSS
CVE
CVE
added 2024/05/14 6:32 a.m.64 views

CVE-2024-25968

Dell PowerScale OneFS (versions 8.2.x–9.7.0.2) is affected by a vulnerability due to defective cryptographic algorithms that could allow a remote unauthenticated attacker to cause information disclosure. The exploitation details are not provided in the document, and the entry notes that a fix exi...

7.5CVSS6.6AI score0.0044EPSS
CVE
CVE
added 2024/07/02 7:8 a.m.63 views

CVE-2024-32854

Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 are affected by CVE-2024-32854 due to improper privilege management, enabling a local high-privilege attacker to escalate to root. Connected sources (DSA-2024-255 and related entries) confirm the affected range and local-exploitability, but d...

6.7CVSS6.9AI score0.00157EPSS
CVE
CVE
added 2024/07/02 7:18 a.m.63 views

CVE-2024-37133

CVE-2024-37133 affects Dell PowerScale OneFS versions 8.2.2.x–9.8.0.0 due to an improper privilege management flaw. A local, high-privilege attacker could gain root-level access . The connected Nessus entries (DSA-2024-255) corroborate the vulnerability but do not specify a fixed version or patch...

6.7CVSS6.7AI score0.00157EPSS
CVE
CVE
added 2025/01/08 2:0 a.m.63 views

CVE-2024-47239

CVE-2024-47239 affects Dell PowerScale OneFS 8.2.2.x–9.9.0.0. The issue is an uncontrolled resource consumption that enables a remote, low-privilege attacker to cause a denial of service. The root cause is described as a Resource Management Error; no exploit details are provided in the documents....

6.5CVSS6.4AI score0.00441EPSS
CVE
CVE
added 2024/05/14 7:16 a.m.62 views

CVE-2024-25965

Dell PowerScale OneFS (versions 8.2.x–9.7.0.2) contains an external control of file name or path vulnerability. A local high-privilege attacker could exploit this to cause denial of service. Impact is aligned with local access and high-privilege requirements; no in-wild exploit details are provid...

6.1CVSS6.6AI score0.00218EPSS
CVE
CVE
added 2024/07/02 7:24 a.m.62 views

CVE-2024-37134

Dell PowerScale OneFS 8.2.2.x–9.8.0.0 is affected by an improper privilege management vulnerability (CVE-2024-37134). The issue can allow a local, high-privileged attacker to escalate to root. The Nessus/DSA-2024-255 entry corroborates the affected version range and the local-privilege escalation...

6.7CVSS6.7AI score0.00157EPSS
CVE
CVE
added 2024/12/09 2:29 p.m.62 views

CVE-2024-49603

CVE-2024-49603 affects Dell PowerScale OneFS versions 8.2.2.x–9.9.0.x and is caused by an incorrectly specified argument vulnerability that could allow a remote, low-privileged user to disclose information. Connected sources confirm the affected product and impact; one source notes exploitation i...

6.5CVSS6.6AI score0.00317EPSS
CVE
CVE
added 2024/05/14 7:7 a.m.61 views

CVE-2024-25966

CVE-2024-25966 concerns Dell PowerScale OneFS versions 8.2.x–9.7.0.2 with an improper handling of an unexpected data type. This leads to a potential denial of service from a remote, unauthenticated attacker, as stated in the CVE description. Connected sources confirm Dell PowerScale OneFS is the ...

7.5CVSS6.9AI score0.00925EPSS
CVE
CVE
added 2024/07/02 7:14 a.m.61 views

CVE-2024-37132

Dell PowerScale OneFS

6.7CVSS6.6AI score0.00149EPSS
CVE
CVE
added 2025/05/08 5:44 p.m.61 views

CVE-2025-30101

Dell PowerScale OneFS versions 9.8.0.0 through 9.10.1.0 are affected by a time-of-check/time-of-use (TOCTOU) race condition. An unauthenticated attacker with local access could exploit this to cause denial of service and information tampering. Confirmed details from multiple sources (NVD/NASL; Re...

6.3CVSS4.7AI score0.00132EPSS
CVE
CVE
added 2024/05/14 6:53 a.m.60 views

CVE-2024-25970

CVE-2024-25970 affects Dell PowerScale OneFS 8.2.x–9.7.0.1. The root cause is improper/input validation in PowerScale OneFS, allowing a low-privilege remote attacker to impact integrity. Documents specify exploitation status as not publicly detailed, and do not provide confirmed in-the-wild explo...

6.5CVSS6.8AI score0.00679EPSS
CVE
CVE
added 2024/08/31 7:40 a.m.60 views

CVE-2024-39579

CVE-2024-39579 affects Dell PowerScale OneFS 8.2.2.x–9.8.0.0, with an incorrect privilege assignment vulnerability that could allow a local, high-privilege attacker to obtain root-level access. The connected documents provide specific affected versions and the local exploit scenario; exploitation...

6.7CVSS6.7AI score0.00156EPSS
CVE
CVE
added 2021/08/02 11:45 p.m.59 views

CVE-2021-21553

CVE-2021-21553 affects Dell PowerScale OneFS versions 8.1.0–9.1.0 and is described as an Incorrect User Management vulnerability that can let a CompAdmin elevate privileges and break out of Compliance mode under certain conditions. The connected sources corroborate an Elevation of Privilege risk ...

8.8CVSS8.6AI score0.00222EPSS
CVE
CVE
added 2021/08/10 7:5 p.m.59 views

CVE-2021-21567

Summary: Dell PowerScale OneFS 9.1.0.x has an improper privilege management vulnerability that could let an authenticated user with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE escalate privileges. The issue is documented with CVSSv3 base score 7.8 (HIGH) and local access, with high impact to...

7.8CVSS7.5AI score0.00215EPSS
CVE
CVE
added 2024/07/02 7:3 a.m.59 views

CVE-2024-32853

Dell PowerScale OneFS is affected (versions 8.2.2.x through 9.7.0.2) by an execution with unnecessary privileges vulnerability that can enable local privilege escalation by a low-privileged attacker. The connected Nessus entry DSA-2024-255 notes a missing vendor patch; remediation involves applyi...

7.8CVSS7.3AI score0.00159EPSS
CVE
CVE
added 2024/12/09 2:38 p.m.59 views

CVE-2024-42426

Dell PowerScale OneFS (versions 9.5.0.x–9.8.0.x) contains an uncontrolled resource consumption vulnerability exploitable by a low-privilege remote attacker, potentially causing denial of service. Affected component is PowerScale OneFS OS; root cause is resource management/consumption issues descr...

6.5CVSS7AI score0.00457EPSS
CVE
CVE
added 2024/03/28 6:38 p.m.58 views

CVE-2024-25954

Dell PowerScale OneFS (versions 9.5.0.x–9.7.0.x) contains an insufficient session expiration vulnerability that can be exploited remotely by an unauthenticated attacker to cause a denial of service. Evidence from multiple sources confirms the affected product and impact; the CVSS base metrics ind...

7.5CVSS6.9AI score0.00586EPSS
CVE
CVE
added 2024/08/31 7:33 a.m.58 views

CVE-2024-39578

Summary: CVE-2024-39578 affects Dell PowerScale OneFS. The vulnerability is a UNIX symbolic link following issue that could allow a local high-privilege attacker to cause denial of service and information tampering on affected systems. Affected software: Dell PowerScale OneFS versions 8.2.2.x thr...

6.3CVSS6.6AI score0.00193EPSS
CVE
CVE
added 2024/03/28 6:13 p.m.57 views

CVE-2024-25960

CVE-2024-25960 affects Dell PowerScale OneFS versions 8.2.2.x–9.7.0.x, where a cleartext transmission of sensitive information is possible. The root cause is plaintext data exposure enabling a local, low-privilege attacker to escalate privileges. Affected component: PowerScale OneFS operating sys...

7.8CVSS7AI score0.00113EPSS
CVE
CVE
added 2024/05/14 7:24 a.m.57 views

CVE-2024-25969

Dell PowerScale OneFS contains an allocation of resources without limits or throttling vulnerability affecting versions 8.2.x–9.7.0.1. The issue allows a local, unauthenticated attacker to cause a denial of service via uncontrolled resource allocation. The most concrete details come from multiple...

6.2CVSS6.7AI score0.00215EPSS
CVE
CVE
added 2023/11/02 10:37 a.m.56 views

CVE-2023-43076

CVE-2023-43076 affects Dell PowerScale OneFS 8.2.x and 9.0.0.x–9.5.0.x. The issue is described as a denial-of-service condition that can be triggered by a low-privilege remote attacker, leading to an out-of-memory (OOM) state. The available documents identify the vulnerable component and the impa...

6.5CVSS6.5AI score0.00624EPSS
CVE
CVE
added 2024/07/02 7:28 a.m.56 views

CVE-2024-37126

Dell PowerScale OneFS versions 8.2.2.x–9.8.0.0 are affected by an improper privilege management vulnerability that can allow a local, high-privileged attacker to gain root-level access. The issue is tied to insufficient access control within the OneFS OS. A vendor security update referenced as DS...

6.7CVSS6.7AI score0.00157EPSS
CVE
CVE
added 2024/12/09 2:22 p.m.56 views

CVE-2024-49602

CVE-2024-49602 affects Dell PowerScale OneFS versions 8.2.2.x–9.8.0.x, with an improper resource unlocking vulnerability that can allow a remote low-privilege attacker to cause a denial of service. The NVD entry assigns a CVSS v3.1 base score of 6.5 (Network, Low.user interaction required: none; ...

6.5CVSS6.9AI score0.00358EPSS
CVE
CVE
added 2023/02/10 8:41 p.m.55 views

CVE-2022-34445

Dell PowerScale OneFS (versions 8.2.x–9.3.x) contains a weak encoding for a password, enabling a locally privileged attacker to potentially disclose information. Affected component is the password encoding mechanism; root cause is the weak encoding approach. The vulnerability is local-privilege-e...

6CVSS4.4AI score0.0017EPSS
CVE
CVE
added 2023/08/16 1:44 p.m.55 views

CVE-2023-32491

Dell PowerScale OneFS 9.5.0.x is affected by a vulnerability where sensitive information can be inserted into SNMPv3 log files, enabling information disclosure via a low-privilege user. The root cause is exposure through log file writes in SNMPv3. Exploitation details are not provided in the docu...

6.5CVSS6.2AI score0.00342EPSS
CVE
CVE
added 2024/03/28 6:32 p.m.55 views

CVE-2024-25963

Dell PowerScale OneFS (versions 8.2.2.x–9.5.0.x) has an encryption issue due to use of a broken cryptographic algorithm, enabling a remote unauthenticated attacker to potentially disclose information. Affected component is the OneFS cryptographic implementation; root cause described as broken alg...

7.5CVSS5.5AI score0.0032EPSS
CVE
CVE
added 2021/12/21 5:5 p.m.53 views

CVE-2021-36350

CVE-2021-36350 concerns Dell PowerScale OneFS versions 8.2.2–9.3.0.x, which allegedly contain an authentication bypass due to a weakness in one of the authentication factors. The public documents describe a remote, unauthenticated attacker potentially bypassing authentication. The available sourc...

7.5CVSS7.8AI score0.01091EPSS
CVE
CVE
added 2023/03/02 3:55 p.m.53 views

CVE-2023-25536

CVE-2023-25536 affects Dell PowerScale OneFS 9.4.0.x. The vulnerability is an information disclosure where an authenticated local user could exploit certificate management to obtain sensitive data, potentially leading to a system takeover. The CVSS vector (LOCAL, HIGH privileges, no user interact...

6.7CVSS6.1AI score0.00115EPSS
CVE
CVE
added 2021/08/02 11:45 p.m.51 views

CVE-2021-21565

CVE-2021-21565 affects Dell PowerScale OneFS 9.1.0.3 and earlier. The DoS arises from an error condition in SmartConnect that can loop, consuming CPU and potentially blocking other SmartConnect DNS responses. The practical impact is availability degradation for affected deployments. Connected sou...

5.3CVSS5.2AI score0.00946EPSS
Total number of security vulnerabilities93