Total
84 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-31239 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | N/A | 4.4 MEDIUM |
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, and 9.3.0.6, contain sensitive data in log files vulnerability. A privileged local user may potentially exploit this vulnerability, leading to disclosure of this sensitive data. | |||||
CVE-2022-31237 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | N/A | 3.3 LOW |
Dell PowerScale OneFS, versions 9.2.0 up to and including 9.2.1.12 and 9.3.0.5 contain an improper preservation of permissions vulnerability in SyncIQ. A low privileged local attacker may potentially exploit this vulnerability, leading to limited information disclosure. | |||||
CVE-2022-32480 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | N/A | 6.5 MEDIUM |
Dell PowerScale OneFS, versions 9.0.0, up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an insecure default initialization of a resource vulnerability. A remote authenticated attacker may potentially exploit this vulnerability, leading to information disclosure. | |||||
CVE-2022-34369 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | N/A | 7.5 HIGH |
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.20, 9.2.1.13, 9.3.0.6, and 9.4.0.3 , contain an insertion of sensitive information in log files vulnerability. A remote unprivileged attacker could potentially exploit this vulnerability, leading to exposure of this sensitive data. | |||||
CVE-2022-34378 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | N/A | 5.5 MEDIUM |
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.20, 9.2.1.13, 9.3.0.6, and 9.4.0.3, contain a relative path traversal vulnerability. A low privileged local attacker could potentially exploit this vulnerability, leading to denial of service. | |||||
CVE-2022-34437 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | N/A | 6.7 MEDIUM |
Dell PowerScale OneFS, versions 8.2.2-9.3.0, contain an OS command injection vulnerability. A privileged local malicious user could potentially exploit this vulnerability, leading to a full system compromise. This impacts compliance mode clusters. | |||||
CVE-2022-31238 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | N/A | 5.5 MEDIUM |
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain a process invoked with sensitive information vulnerability. A CLI user may potentially exploit this vulnerability, leading to information disclosure. | |||||
CVE-2022-33932 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | N/A | 5.3 MEDIUM |
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an unprotected primary channel vulnerability. An unauthenticated network malicious attacker may potentially exploit this vulnerability, leading to a denial of filesystem services. | |||||
CVE-2022-34371 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | N/A | 9.8 CRITICAL |
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.3, contain an unprotected transport of credentials vulnerability. A malicious unprivileged network attacker could potentially exploit this vulnerability, leading to full system compromise. | |||||
CVE-2022-34438 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | N/A | 6.7 MEDIUM |
Dell PowerScale OneFS, versions 8.2.x-9.4.0.x, contain a privilege context switching error. A local authenticated malicious user with high privileges could potentially exploit this vulnerability, leading to full system compromise. This impacts compliance mode clusters. | |||||
CVE-2022-26851 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | 6.4 MEDIUM | 9.1 CRITICAL |
Dell PowerScale OneFS, 8.2.2-9.3.x, contains a predictable file name from observable state vulnerability. An unprivileged network attacker could potentially exploit this vulnerability, leading to data loss. | |||||
CVE-2022-23161 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Dell PowerScale OneFS versions 8.2.x - 9.3.0.x contain a denial-of-service vulnerability in SmartConnect. An unprivileged network attacker may potentially exploit this vulnerability, leading to denial-of-service. | |||||
CVE-2022-22560 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | 4.9 MEDIUM | 5.5 MEDIUM |
Dell EMC PowerScale OneFS 8.1.x - 9.1.x contain hard coded credentials. This allows a local user with knowledge of the credentials to login as the admin user to the backend ethernet switch of a PowerScale cluster. The attacker can exploit this vulnerability to take the switch offline. | |||||
CVE-2022-22562 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Dell PowerScale OneFS, versions 8.2.0-9.3.0, contain a improper handling of missing values exploit. An unauthenticated network attacker could potentially exploit this denial-of-service vulnerability. | |||||
CVE-2022-22561 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contain an improper restriction of excessive authentication attempts. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to compromised accounts. | |||||
CVE-2022-26852 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a predictable seed in pseudo-random number generator. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to an account compromise. | |||||
CVE-2022-22563 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | 2.1 LOW | 4.4 MEDIUM |
Dell EMC Powerscale OneFS 8.2.x - 9.2.x omit security-relevant information in /etc/master.passwd. A high-privileged user can exploit this vulnerability to not record information identifying the source of account information changes. | |||||
CVE-2022-23159 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
Dell PowerScale OneFS, 8.2.2 - 9.3.0.x, contain a missing release of memory after effective lifetime vulnerability. An authenticated user with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE and ISI_PRIV_AUTH_PROVIDERS privileges could exploit this vulnerability, leading to a Denial-Of-Service. This can also impact a cluster in Compliance mode. Dell recommends to update at the earliest opportunity. | |||||
CVE-2022-24428 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
Dell PowerScale OneFS, versions 8.2.x, 9.0.0.x, 9.1.0.x, 9.2.0.x, 9.2.1.x, and 9.3.0.x, contain an improper preservation of privileges. A remote filesystem user with a local account could potentially exploit this vulnerability, leading to an escalation of file privileges and information disclosure. | |||||
CVE-2022-23163 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
Dell PowerScale OneFS, 8.2,x, 9.1.0.x, 9.2.1.x, and 9.3.0.x contain a denial of service vulnerability. A local malicious user could potentially exploit this vulnerability, leading to denial of service/data unavailability. |