Filtered by vendor Dell
Subscriptions
Filtered by product Emc Powerscale Onefs
Subscriptions
Total
84 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-25940 | 1 Dell | 1 Emc Powerscale Onefs | 2023-06-22 | 7.8 High |
| Dell PowerScale OneFS version 9.5.0.0 contains improper link resolution before file access vulnerability in isi_gather_info. A high privileged local attacker could potentially exploit this vulnerability, leading to system takeover and it breaks the compliance mode guarantees. | ||||
| CVE-2022-34437 | 1 Dell | 1 Emc Powerscale Onefs | 2022-10-24 | 6.7 Medium |
| Dell PowerScale OneFS, versions 8.2.2-9.3.0, contain an OS command injection vulnerability. A privileged local malicious user could potentially exploit this vulnerability, leading to a full system compromise. This impacts compliance mode clusters. | ||||
| CVE-2022-34438 | 1 Dell | 1 Emc Powerscale Onefs | 2022-10-24 | 6.7 Medium |
| Dell PowerScale OneFS, versions 8.2.x-9.4.0.x, contain a privilege context switching error. A local authenticated malicious user with high privileges could potentially exploit this vulnerability, leading to full system compromise. This impacts compliance mode clusters. | ||||
| CVE-2022-31239 | 1 Dell | 1 Emc Powerscale Onefs | 2022-10-24 | 4.4 Medium |
| Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, and 9.3.0.6, contain sensitive data in log files vulnerability. A privileged local user may potentially exploit this vulnerability, leading to disclosure of this sensitive data. | ||||
| CVE-2022-34439 | 1 Dell | 1 Emc Powerscale Onefs | 2022-10-24 | 7.5 High |
| Dell PowerScale OneFS, versions 8.2.0.x-9.4.0.x contain allocation of Resources Without Limits or Throttling vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service and performance issue on that node. | ||||
| CVE-2020-26197 | 1 Dell | 1 Emc Powerscale Onefs | 2022-10-21 | 9.1 Critical |
| Dell PowerScale OneFS 8.1.0 - 9.1.0 contains an LDAP Provider inability to connect over TLSv1.2 vulnerability. It may make it easier to eavesdrop and decrypt such traffic for a malicious actor. Note: This does not affect clusters which are not relying on an LDAP server for the authentication provider. | ||||
| CVE-2020-26195 | 1 Dell | 1 Emc Powerscale Onefs | 2022-10-21 | 5.3 Medium |
| Dell EMC PowerScale OneFS versions 8.1.2 – 9.1.0 contain an issue where the OneFS SMB directory auto-create may erroneously create a directory for a user. A remote unauthenticated attacker may take advantage of this issue to slow down the system. | ||||
| CVE-2021-36278 | 1 Dell | 1 Emc Powerscale Onefs | 2022-10-06 | 5.5 Medium |
| Dell EMC PowerScale OneFS versions 8.2.x, 9.1.0.x, and 9.1.1.1 contain a sensitive information exposure vulnerability in log files. A local malicious user with ISI_PRIV_LOGIN_SSH, ISI_PRIV_LOGIN_CONSOLE, or ISI_PRIV_SYS_SUPPORT privileges may exploit this vulnerability to access sensitive information. If any third-party consumes those logs, the same sensitive information is available to those systems as well. | ||||
| CVE-2022-23161 | 1 Dell | 1 Emc Powerscale Onefs | 2022-09-30 | 7.5 High |
| Dell PowerScale OneFS versions 8.2.x - 9.3.0.x contain a denial-of-service vulnerability in SmartConnect. An unprivileged network attacker may potentially exploit this vulnerability, leading to denial-of-service. | ||||
| CVE-2022-34378 | 1 Dell | 1 Emc Powerscale Onefs | 2022-09-08 | 5.5 Medium |
| Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.20, 9.2.1.13, 9.3.0.6, and 9.4.0.3, contain a relative path traversal vulnerability. A low privileged local attacker could potentially exploit this vulnerability, leading to denial of service. | ||||
| CVE-2022-34369 | 1 Dell | 1 Emc Powerscale Onefs | 2022-09-08 | 7.5 High |
| Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.20, 9.2.1.13, 9.3.0.6, and 9.4.0.3 , contain an insertion of sensitive information in log files vulnerability. A remote unprivileged attacker could potentially exploit this vulnerability, leading to exposure of this sensitive data. | ||||
| CVE-2022-31237 | 1 Dell | 1 Emc Powerscale Onefs | 2022-08-24 | 3.3 Low |
| Dell PowerScale OneFS, versions 9.2.0 up to and including 9.2.1.12 and 9.3.0.5 contain an improper preservation of permissions vulnerability in SyncIQ. A low privileged local attacker may potentially exploit this vulnerability, leading to limited information disclosure. | ||||
| CVE-2022-32480 | 1 Dell | 1 Emc Powerscale Onefs | 2022-08-24 | 6.5 Medium |
| Dell PowerScale OneFS, versions 9.0.0, up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an insecure default initialization of a resource vulnerability. A remote authenticated attacker may potentially exploit this vulnerability, leading to information disclosure. | ||||
| CVE-2022-33932 | 1 Dell | 1 Emc Powerscale Onefs | 2022-08-24 | 5.3 Medium |
| Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an unprotected primary channel vulnerability. An unauthenticated network malicious attacker may potentially exploit this vulnerability, leading to a denial of filesystem services. | ||||
| CVE-2021-21502 | 1 Dell | 1 Emc Powerscale Onefs | 2022-07-12 | 9.8 Critical |
| Dell PowerScale OneFS versions 8.1.0 – 9.1.0 contain a "use of SSH key past account expiration" vulnerability. A user on the network with the ISI_PRIV_AUTH_SSH RBAC privilege that has an expired account may potentially exploit this vulnerability, giving them access to the same things they had before account expiration. This may by a high privileged account and hence Dell recommends customers upgrade at the earliest opportunity. | ||||
| CVE-2021-36305 | 1 Dell | 1 Emc Powerscale Onefs | 2022-06-28 | 6.5 Medium |
| Dell PowerScale OneFS contains an Unsynchronized Access to Shared Data in a Multithreaded Context in SMB CA handling. An authenticated user of SMB on a cluster with CA could potentially exploit this vulnerability, leading to a denial of service over SMB. | ||||
| CVE-2021-21568 | 1 Dell | 1 Emc Powerscale Onefs | 2022-05-03 | 4.3 Medium |
| Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an insufficient logging vulnerability. An authenticated user with ISI_PRIV_LOGIN_PAPI could make un-audited and un-trackable configuration changes to settings that their roles have privileges to change. | ||||
| CVE-2021-36282 | 1 Dell | 1 Emc Powerscale Onefs | 2022-05-03 | 3.3 Low |
| Dell EMC PowerScale OneFS versions 8.2.x - 9.1.0.x contain a use of uninitialized resource vulnerability. This can potentially allow an authenticated user with ISI_PRIV_LOGIN_CONSOLE or ISI_PRIV_LOGIN_SSH privileges to gain access up to 24 bytes of data within the /ifs kernel stack under certain conditions. | ||||
| CVE-2022-24413 | 1 Dell | 1 Emc Powerscale Onefs | 2022-04-20 | 3.6 Low |
| Dell PowerScale OneFS, versions 8.2.2-9.3.x, contain a time-of-check-to-time-of-use vulnerability. A local user with access to the filesystem could potentially exploit this vulnerability, leading to data loss. | ||||
| CVE-2022-24412 | 1 Dell | 1 Emc Powerscale Onefs | 2022-04-20 | 7.5 High |
| Dell EMC PowerScale OneFS 8.2.x - 9.3.0.x contain an improper handling of value vulnerability. An unprivileged network attacker could potentially exploit this vulnerability, leading to denial-of-service. | ||||