Filtered by vendor Dell
Subscriptions
Filtered by product Emc Powerscale Onefs
Subscriptions
Total
84 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-36282 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-17 | 2.5 Low |
| Dell EMC PowerScale OneFS versions 8.2.x - 9.1.0.x contain a use of uninitialized resource vulnerability. This can potentially allow an authenticated user with ISI_PRIV_LOGIN_CONSOLE or ISI_PRIV_LOGIN_SSH privileges to gain access up to 24 bytes of data within the /ifs kernel stack under certain conditions. | ||||
| CVE-2022-23159 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-17 | 4.8 Medium |
| Dell PowerScale OneFS, 8.2.2 - 9.3.0.x, contain a missing release of memory after effective lifetime vulnerability. An authenticated user with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE and ISI_PRIV_AUTH_PROVIDERS privileges could exploit this vulnerability, leading to a Denial-Of-Service. This can also impact a cluster in Compliance mode. Dell recommends to update at the earliest opportunity. | ||||
| CVE-2022-24413 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-17 | 4.4 Medium |
| Dell PowerScale OneFS, versions 8.2.2-9.3.x, contain a time-of-check-to-time-of-use vulnerability. A local user with access to the filesystem could potentially exploit this vulnerability, leading to data loss. | ||||
| CVE-2021-21503 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-17 | 7.8 High |
| PowerScale OneFS 8.1.2,8.2.2 and 9.1.0 contains an improper input sanitization issue in a command. The Compadmin user could potentially exploit this vulnerability, leading to potential privileges escalation. | ||||
| CVE-2021-21599 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-17 | 6 Medium |
| Dell EMC PowerScale OneFS versions 8.2.x - 9.2.1.x contain an OS command injection vulnerability. This may allow a user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE to escalate privileges and escape the compliance guarantees. This only impacts Smartlock WORM compliance mode clusters as a critical vulnerability and Dell recommends to update/upgrade at the earliest opportunity. | ||||
| CVE-2022-22562 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-17 | 7.5 High |
| Dell PowerScale OneFS, versions 8.2.0-9.3.0, contain a improper handling of missing values exploit. An unauthenticated network attacker could potentially exploit this denial-of-service vulnerability. | ||||
| CVE-2021-36278 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-17 | 8.1 High |
| Dell EMC PowerScale OneFS versions 8.2.x, 9.1.0.x, and 9.1.1.1 contain a sensitive information exposure vulnerability in log files. A local malicious user with ISI_PRIV_LOGIN_SSH, ISI_PRIV_LOGIN_CONSOLE, or ISI_PRIV_SYS_SUPPORT privileges may exploit this vulnerability to access sensitive information. If any third-party consumes those logs, the same sensitive information is available to those systems as well. | ||||
| CVE-2022-23163 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-17 | 4.7 Medium |
| Dell PowerScale OneFS, 8.2,x, 9.1.0.x, 9.2.1.x, and 9.3.0.x contain a denial of service vulnerability. A local malicious user could potentially exploit this vulnerability, leading to denial of service/data unavailability. | ||||
| CVE-2021-21592 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-17 | 3.1 Low |
| Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x improperly handle an exceptional condition. A remote low privileged user could potentially exploit this vulnerability, leading to unauthorized information disclosure. | ||||
| CVE-2020-26180 | 1 Dell | 2 Emc Isilon Onefs, Emc Powerscale Onefs | 2024-09-17 | 6.3 Medium |
| Dell EMC Isilon OneFS supported versions 8.1 and later and Dell EMC PowerScale OneFS supported version 9.0.0 contain an access issue with the remotesupport user account. A remote malicious user with low privileges may gain access to data stored on the /ifs directory through most protocols. | ||||
| CVE-2022-23160 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-17 | 5.4 Medium |
| Dell PowerScale OneFS, versions 8.2.0-9.3.0, contains an Improper Handling of Insufficient Permissions vulnerability. An remote malicious user could potentially exploit this vulnerability, leading to gaining write permissions on read-only files. | ||||
| CVE-2020-26192 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-17 | 7.8 High |
| Dell EMC PowerScale OneFS versions 8.2.0 - 9.1.0 contain a privilege escalation vulnerability. A non-admin user with either ISI_PRIV_LOGIN_CONSOLE or ISI_PRIV_LOGIN_SSH may potentially exploit this vulnerability to read arbitrary data, tamper with system software or deny service to users. Note: no non-admin users or roles have these privileges by default. | ||||
| CVE-2020-26194 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-17 | 7 High |
| Dell EMC PowerScale OneFS versions 8.1.2 and 8.2.2 contain an Incorrect Permission Assignment for a Critical Resource vulnerability. This may allow a non-admin user with either ISI_PRIV_LOGIN_CONSOLE or ISI_PRIV_LOGIN_SSH privileges to exploit the vulnerability, leading to compromised cryptographic operations. Note: no non-admin users or roles have these privileges by default. | ||||
| CVE-2022-34378 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-17 | 5.5 Medium |
| Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.20, 9.2.1.13, 9.3.0.6, and 9.4.0.3, contain a relative path traversal vulnerability. A low privileged local attacker could potentially exploit this vulnerability, leading to denial of service. | ||||
| CVE-2022-26855 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-17 | 5.5 Medium |
| Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contains an incorrect default permissions vulnerability. A local malicious user could potentially exploit this vulnerability, leading to a denial of service. | ||||
| CVE-2021-21562 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-17 | 4.4 Medium |
| Dell EMC PowerScale OneFS contains an untrusted search path vulnerability. This vulnerability allows a user with (ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE) and (ISI_PRIV_SYS_UPGRADE or ISI_PRIV_AUDIT) to provide an untrusted path which can lead to run resources that are not under the application’s direct control. | ||||
| CVE-2022-24411 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-17 | 7.8 High |
| Dell PowerScale OneFS 8.2.2 and above contain an elevation of privilege vulnerability. A local attacker with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE could potentially exploit this vulnerability, leading to elevation of privilege. This could potentially allow users to circumvent PowerScale Compliance Mode guarantees. | ||||
| CVE-2022-26852 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-17 | 8.1 High |
| Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a predictable seed in pseudo-random number generator. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to an account compromise. | ||||
| CVE-2022-24428 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-17 | 6.3 Medium |
| Dell PowerScale OneFS, versions 8.2.x, 9.0.0.x, 9.1.0.x, 9.2.0.x, 9.2.1.x, and 9.3.0.x, contain an improper preservation of privileges. A remote filesystem user with a local account could potentially exploit this vulnerability, leading to an escalation of file privileges and information disclosure. | ||||
| CVE-2021-21568 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-17 | 4.3 Medium |
| Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an insufficient logging vulnerability. An authenticated user with ISI_PRIV_LOGIN_PAPI could make un-audited and un-trackable configuration changes to settings that their roles have privileges to change. | ||||