Total
84 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-22559 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Dell PowerScale OneFS, version 9.3.0, contains a use of a broken or risky cryptographic algorithm. An unprivileged network attacker could exploit this vulnerability, leading to the potential for information disclosure. | |||||
CVE-2022-26854 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain risky cryptographic algorithms. A remote unprivileged malicious attacker could potentially exploit this vulnerability, leading to full system access | |||||
CVE-2022-24412 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Dell EMC PowerScale OneFS 8.2.x - 9.3.0.x contain an improper handling of value vulnerability. An unprivileged network attacker could potentially exploit this vulnerability, leading to denial-of-service. | |||||
CVE-2022-23160 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | 4.0 MEDIUM | 4.3 MEDIUM |
Dell PowerScale OneFS, versions 8.2.0-9.3.0, contains an Improper Handling of Insufficient Permissions vulnerability. An remote malicious user could potentially exploit this vulnerability, leading to gaining write permissions on read-only files. | |||||
CVE-2022-22565 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | 5.5 MEDIUM | 3.8 LOW |
Dell PowerScale OneFS, versions 9.0.0-9.3.0, contain an improper authorization of index containing sensitive information. An authenticated and privileged user could potentially exploit this vulnerability, leading to disclosure or modification of sensitive data. | |||||
CVE-2022-24413 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | 3.3 LOW | 3.6 LOW |
Dell PowerScale OneFS, versions 8.2.2-9.3.x, contain a time-of-check-to-time-of-use vulnerability. A local user with access to the filesystem could potentially exploit this vulnerability, leading to data loss. | |||||
CVE-2022-26855 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contains an incorrect default permissions vulnerability. A local malicious user could potentially exploit this vulnerability, leading to a denial of service. | |||||
CVE-2022-22550 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | 4.6 MEDIUM | 6.7 MEDIUM |
Dell PowerScale OneFS, versions 8.2.2 and above, contain a password disclosure vulnerability. An unprivileged local attacker could potentially exploit this vulnerability, leading to account take over. | |||||
CVE-2022-24411 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
Dell PowerScale OneFS 8.2.2 and above contain an elevation of privilege vulnerability. A local attacker with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE could potentially exploit this vulnerability, leading to elevation of privilege. This could potentially allow users to circumvent PowerScale Compliance Mode guarantees. | |||||
CVE-2021-21561 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
Dell PowerScale OneFS version 8.1.2 contains a sensitive information exposure vulnerability. This would allow a malicious user with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE privileges to gain access to sensitive information in the log files. | |||||
CVE-2021-36305 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
Dell PowerScale OneFS contains an Unsynchronized Access to Shared Data in a Multithreaded Context in SMB CA handling. An authenticated user of SMB on a cluster with CA could potentially exploit this vulnerability, leading to a denial of service over SMB. | |||||
CVE-2021-21528 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Dell EMC PowerScale OneFS versions 9.1.0, 9.2.0.x, 9.2.1.x contain an Exposure of Information through Directory Listing vulnerability. This vulnerability is triggered when upgrading from a previous versions. | |||||
CVE-2021-36281 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment vulnerability. A low privileged authenticated user can potentially exploit this vulnerability to escalate privileges. | |||||
CVE-2020-5353 | 1 Dell | 2 Emc Isilon Onefs, Emc Powerscale Onefs | 2024-02-28 | 9.0 HIGH | 8.8 HIGH |
The Dell Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 default configuration for Network File System (NFS) allows access to an 'admin' home directory. An attacker may leverage a spoofed Unique Identifier (UID) over NFS to rewrite sensitive files to gain administrative access to the system. | |||||
CVE-2021-36279 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment for critical resource vulnerability. This could allow a user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE to access privileged information about the cluster. | |||||
CVE-2020-26180 | 1 Dell | 2 Emc Isilon Onefs, Emc Powerscale Onefs | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
Dell EMC Isilon OneFS supported versions 8.1 and later and Dell EMC PowerScale OneFS supported version 9.0.0 contain an access issue with the remotesupport user account. A remote malicious user with low privileges may gain access to data stored on the /ifs directory through most protocols. | |||||
CVE-2021-21592 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x improperly handle an exceptional condition. A remote low privileged user could potentially exploit this vulnerability, leading to unauthorized information disclosure. | |||||
CVE-2021-21594 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
Dell PowerScale OneFS versions 8.2.2 - 9.1.0.x contain a use of get request method with sensitive query strings vulnerability. It can lead to potential disclosure of sensitive data. Dell recommends upgrading at your earliest opportunity. | |||||
CVE-2021-21550 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | 7.2 HIGH | 6.7 MEDIUM |
Dell EMC PowerScale OneFS 8.1.0-9.1.0 contain an improper neutralization of special elements used in an OS command vulnerability. This vulnerability can allow an authenticated user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE privileges to escalate privileges. | |||||
CVE-2021-21563 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
Dell EMC PowerScale OneFS versions 8.1.2-9.1.0.x contain an Improper Check for Unusual or Exceptional Conditions in its auditing component.This can lead to an authenticated user with low-privileges to trigger a denial of service event. |