Powerscale Onefs Security Vulnerabilities and Issues — Powerscale Onefs CVE List

Lucene search

DellPowerscale Onefs

44 matches found

CVE•added 2021/08/16 10:15 p.m.•80 views

CVE-2021-21599

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.1.x contain an OS command injection vulnerability. This may allow a user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE to escalate privileges and escape the compliance guarantees. This only impacts Smartlock WORM compliance mode clusters as a criti...

6.7CVSS6.9AI score0.00297EPSS

CVE•added 2024/03/28 7:15 p.m.•71 views

CVE-2024-25953

Dell PowerScale OneFS versions 9.4.0.x through 9.7.0.x contains an UNIX symbolic link (symlink) following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to denial of service, information tampering.

6CVSS5.6AI score0.00095EPSS

CVE•added 2022/04/12 6:15 p.m.•70 views

CVE-2022-22550

Dell PowerScale OneFS, versions 8.2.2 and above, contain a password disclosure vulnerability. An unprivileged local attacker could potentially exploit this vulnerability, leading to account take over.

6.7CVSS6.4AI score0.00036EPSS

CVE•added 2021/08/16 10:15 p.m.•67 views

CVE-2021-21595

Dell EMC PowerScale OneFS versions 8.2.x - 9.1.1.x contain an improper neutralization of special elements used in an OS command. This vulnerability could allow the compadmin user to elevate privileges. This only impacts Smartlock WORM compliance mode clusters as a critical vulnerability and Dell re...

6.7CVSS6.4AI score0.00186EPSS

CVE•added 2022/04/12 6:15 p.m.•67 views

CVE-2022-23159

Dell PowerScale OneFS, 8.2.2 - 9.3.0.x, contain a missing release of memory after effective lifetime vulnerability. An authenticated user with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE and ISI_PRIV_AUTH_PROVIDERS privileges could exploit this vulnerability, leading to a Denial-Of-Service. Th...

6.5CVSS6.3AI score0.00201EPSS

CVE•added 2021/08/16 10:15 p.m.•64 views

CVE-2021-21592

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x improperly handle an exceptional condition. A remote low privileged user could potentially exploit this vulnerability, leading to unauthorized information disclosure.

6.5CVSS6.1AI score0.00215EPSS

CVE•added 2024/03/28 7:15 p.m.•62 views

CVE-2024-25952

Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an UNIX symbolic link (symlink) following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to denial of service, information tampering.

6CVSS5.6AI score0.00095EPSS

CVE•added 2024/05/14 4:16 p.m.•62 views

CVE-2024-25967

Dell PowerScale OneFS versions 8.2.x through 9.7.0.1 contains an execution with unnecessary privileges vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to escalation of privileges.

6.7CVSS6.8AI score0.00076EPSS

CVE•added 2025/04/10 3:15 a.m.•56 views

CVE-2025-22471

Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.1, contains an integer overflow or wraparound vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service.

6.5CVSS7.5AI score0.00052EPSS

CVE•added 2022/10/21 6:15 p.m.•55 views

CVE-2022-34438

Dell PowerScale OneFS, versions 8.2.x-9.4.0.x, contain a privilege context switching error. A local authenticated malicious user with high privileges could potentially exploit this vulnerability, leading to full system compromise. This impacts compliance mode clusters.

6.7CVSS6.2AI score0.00044EPSS

CVE•added 2024/03/28 6:15 p.m.•55 views

CVE-2024-25961

Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an improper privilege management vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to escalation of privileges.

6.7CVSS6.8AI score0.00056EPSS

CVE•added 2022/10/21 6:15 p.m.•52 views

CVE-2022-31239

Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, and 9.3.0.6, contain sensitive data in log files vulnerability. A privileged local user may potentially exploit this vulnerability, leading to disclosure of this sensitive data.

6.7CVSS4.5AI score0.00119EPSS

CVE•added 2024/07/02 7:15 a.m.•49 views

CVE-2024-32854

Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an improper privilege management vulnerability. A local high privilege attacker could potentially exploit this vulnerability, leading to privilege escalation.

6.7CVSS6.9AI score0.00031EPSS

CVE•added 2024/07/02 8:15 a.m.•47 views

CVE-2024-37133

Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an improper privilege management vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to unauthorized gain of root-level access.

6.7CVSS6.7AI score0.0003EPSS

CVE•added 2024/07/02 8:15 a.m.•46 views

CVE-2024-37132

Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an incorrect privilege assignment vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service and Elevation of privileges.

6.7CVSS6.6AI score0.00026EPSS

CVE•added 2024/07/02 8:15 a.m.•46 views

CVE-2024-37134

6.7CVSS6.7AI score0.00031EPSS

CVE•added 2022/08/22 5:15 p.m.•45 views

CVE-2022-32480

Dell PowerScale OneFS, versions 9.0.0, up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an insecure default initialization of a resource vulnerability. A remote authenticated attacker may potentially exploit this vulnerability, leading to information disclosure.

6.5CVSS6AI score0.00156EPSS

CVE•added 2023/04/04 11:15 a.m.•45 views

CVE-2023-25942

Dell PowerScale OneFS versions 8.2.x-9.4.x contain an uncontrolled resource consumption vulnerability. A malicious network user with low privileges could potentially exploit this vulnerability in SMB, leading to a potential denial of service.

6.5CVSS6.3AI score0.00227EPSS

CVE•added 2024/05/14 4:16 p.m.•45 views

CVE-2024-25965

Dell PowerScale OneFS versions 8.2.x through 9.7.0.2 contains an external control of file name or path vulnerability. A local high privilege attacker could potentially exploit this vulnerability, leading to denial of service.

6.1CVSS6.6AI score0.00069EPSS

CVE•added 2024/05/14 4:16 p.m.•45 views

CVE-2024-25970

Dell PowerScale OneFS versions 8.2.x through 9.7.0.1 contains an improper input validation vulnerability. A low privileged remote attacker could potentially exploit this vulnerability, leading to loss of integrity.

6.5CVSS6.8AI score0.0026EPSS

CVE•added 2022/10/21 6:15 p.m.•44 views

CVE-2022-34437

Dell PowerScale OneFS, versions 8.2.2-9.3.0, contain an OS command injection vulnerability. A privileged local malicious user could potentially exploit this vulnerability, leading to a full system compromise. This impacts compliance mode clusters.

6.7CVSS6.5AI score0.00111EPSS

CVE•added 2024/12/09 3:15 p.m.•44 views

CVE-2024-49603

Dell PowerScale OneFS Versions 8.2.2.x through 9.9.0.x contain an incorrect specified argument vulnerability. A remote low privileged legitimate user could potentially exploit this vulnerability, leading to information disclosure.

6.5CVSS6.6AI score0.00068EPSS

CVE•added 2024/08/31 8:15 a.m.•43 views

CVE-2024-39578

Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.1 contains a UNIX symbolic link (symlink) following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to denial of service, information tampering.

6.3CVSS6.6AI score0.00045EPSS

CVE•added 2024/12/09 3:15 p.m.•43 views

CVE-2024-42426

Dell PowerScale OneFS Versions 9.5.0.x through 9.8.0.x contain an uncontrolled resource consumption vulnerability. A low privilege remote attacker could potentially exploit this vulnerability, leading to denial of service.

6.5CVSS7AI score0.00242EPSS

CVE•added 2021/11/12 11:15 p.m.•42 views

CVE-2021-36305

Dell PowerScale OneFS contains an Unsynchronized Access to Shared Data in a Multithreaded Context in SMB CA handling. An authenticated user of SMB on a cluster with CA could potentially exploit this vulnerability, leading to a denial of service over SMB.

6.5CVSS6.3AI score0.00237EPSS

CVE•added 2024/08/31 8:15 a.m.•42 views

CVE-2024-39579

Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contains an incorrect privilege assignment vulnerability. A local high privileged attacker could potentially exploit this vulnerability to gain root-level access.

6.7CVSS6.7AI score0.00031EPSS

CVE•added 2024/12/09 3:15 p.m.•42 views

CVE-2024-49602

Dell PowerScale OneFS Versions 8.2.2.x through 9.8.0.x contain an improper resource unlocking vulnerability. A remote low privileged attacker could potentially exploit this vulnerability, leading to denial of service.

6.5CVSS6.9AI score0.00188EPSS

CVE•added 2023/11/02 11:15 a.m.•41 views

CVE-2023-43076

Dell PowerScale OneFS 8.2.x,9.0.0.x-9.5.0.x contains a denial-of-service vulnerability. A low privilege remote attacker could potentially exploit this vulnerability to cause an out of memory (OOM) condition.

6.5CVSS6.5AI score0.00572EPSS

CVE•added 2024/07/02 8:15 a.m.•41 views

CVE-2024-37126

6.7CVSS6.7AI score0.0003EPSS

CVE•added 2025/01/08 3:15 a.m.•41 views

CVE-2024-47239

Dell PowerScale OneFS versions 8.2.2.x through 9.9.0.0 contain an uncontrolled resource consumption vulnerability. A remote low privileged attacker could potentially exploit this vulnerability, leading to denial of service.

6.5CVSS6.4AI score0.00201EPSS

CVE•added 2023/02/11 1:23 a.m.•39 views

CVE-2022-34445

Dell PowerScale OneFS, versions 8.2.x through 9.3.x contain a weak encoding for a password. A malicious local privileged attacker may potentially exploit this vulnerability, leading to information disclosure.

6CVSS4.4AI score0.00025EPSS

CVE•added 2023/03/02 4:15 p.m.•39 views

CVE-2023-25536

Dell PowerScale OneFS 9.4.0.x contains exposure of sensitive information to an unauthorized actor. A malicious authenticated local user could potentially exploit this vulnerability in certificate management, leading to a potential system takeover.

6.7CVSS6.1AI score0.00039EPSS

CVE•added 2023/08/16 2:15 p.m.•39 views

CVE-2023-32489

Dell PowerScale OneFS 8.2x -9.5x contains a privilege escalation vulnerability. A local attacker with high privileges could potentially exploit this vulnerability, to bypass mode protections and gain elevated privileges.

6.7CVSS6.7AI score0.00009EPSS

CVE•added 2025/05/08 6:15 p.m.•39 views

CVE-2025-30101

Dell PowerScale OneFS, versions 9.8.0.0 through 9.10.1.0, contain a time-of-check time-of-use (TOCTOU) race condition vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to denial of service and information tampering.

6.3CVSS4.7AI score0.00022EPSS

CVE•added 2023/11/02 11:15 a.m.•37 views

CVE-2023-43087

Dell PowerScale OneFS 8.2.x, 9.0.0.x-9.5.0.x contains an improper handling of insufficient permissions. A low privileged remote attacker could potentially exploit this vulnerability to cause information disclosure.

6.5CVSS6.3AI score0.00121EPSS

CVE•added 2024/05/14 4:16 p.m.•37 views

CVE-2024-25969

Dell PowerScale OneFS versions 8.2.x through 9.7.0.1 contains an allocation of resources without limits or throttling vulnerability. A local unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service.

6.2CVSS6.7AI score0.00069EPSS

CVE•added 2023/02/01 6:15 a.m.•36 views

CVE-2022-45098

Dell PowerScale OneFS, 9.0.0.x-9.4.0.x, contain a cleartext storage of sensitive information vulnerability in S3 component. An authenticated local attacker could potentially exploit this vulnerability, leading to information disclosure.

6.1CVSS5AI score0.00024EPSS

CVE•added 2023/08/16 2:15 p.m.•36 views

CVE-2023-32490

Dell PowerScale OneFS 8.2x -9.5x contains an improper privilege management vulnerability. A high privilege local attacker could potentially exploit this vulnerability, leading to system takeover.

6.7CVSS6.3AI score0.0003EPSS

CVE•added 2021/08/03 12:15 a.m.•35 views

CVE-2021-21563

Dell EMC PowerScale OneFS versions 8.1.2-9.1.0.x contain an Improper Check for Unusual or Exceptional Conditions in its auditing component.This can lead to an authenticated user with low-privileges to trigger a denial of service event.

6.5CVSS6.3AI score0.00237EPSS

CVE•added 2023/08/16 2:15 p.m.•34 views

CVE-2023-32491

Dell PowerScale OneFS 9.5.0.x, contains an insertion of sensitive information into log file vulnerability in SNMPv3. A low privileges user could potentially exploit this vulnerability, leading to information disclosure.

6.5CVSS6.2AI score0.00125EPSS

CVE•added 2023/02/01 5:15 a.m.•33 views

CVE-2022-45095

Dell PowerScale OneFS, 8.2.x-9.4.x, contain a command injection vulnerability. An authenticated user having access local shell and having the privilege to gather logs from the cluster could potentially exploit this vulnerability, leading to execute arbitrary commands, denial of service, information...

6.7CVSS7AI score0.00068EPSS

CVE•added 2023/02/01 5:15 a.m.•32 views

CVE-2022-45096

Dell PowerScale OneFS, 8.2.0 through 9.3.0, contain an User Interface Security Issue. An unauthenticated remote user could unintentionally lead an administrator to enable this vulnerability, leading to disclosure of information.

6.5CVSS6.4AI score0.00249EPSS

CVE•added 2023/08/16 1:15 p.m.•32 views

CVE-2023-32494

Dell PowerScale OneFS, 8.0.x-9.5.x, contains an improper handling of insufficient privileges vulnerability. A local privileged attacker could potentially exploit this vulnerability, leading to elevation of privilege and affect in compliance mode also.

6.7CVSS6.4AI score0.0003EPSS

CVE•added 2023/02/10 10:15 a.m.•28 views

CVE-2022-34454

Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a heap-based buffer overflow. A local privileged malicious user could potentially exploit this vulnerability, leading to system takeover. This impacts compliance mode clusters.

6.7CVSS6.3AI score0.00066EPSS