Filtered by vendor Dell Subscriptions
Filtered by product Emc Powerscale Onefs Subscriptions
Total 84 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-36281 1 Dell 1 Emc Powerscale Onefs 2024-09-17 7.5 High
Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment vulnerability. A low privileged authenticated user can potentially exploit this vulnerability to escalate privileges.
CVE-2021-21595 1 Dell 1 Emc Powerscale Onefs 2024-09-17 6 Medium
Dell EMC PowerScale OneFS versions 8.2.x - 9.1.1.x contain an improper neutralization of special elements used in an OS command. This vulnerability could allow the compadmin user to elevate privileges. This only impacts Smartlock WORM compliance mode clusters as a critical vulnerability and Dell recommends to update/upgrade at the earliest opportunity.
CVE-2020-5353 1 Dell 2 Emc Isilon Onefs, Emc Powerscale Onefs 2024-09-17 8.8 High
The Dell Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 default configuration for Network File System (NFS) allows access to an 'admin' home directory. An attacker may leverage a spoofed Unique Identifier (UID) over NFS to rewrite sensitive files to gain administrative access to the system.
CVE-2022-22550 1 Dell 1 Emc Powerscale Onefs 2024-09-17 6.7 Medium
Dell PowerScale OneFS, versions 8.2.2 and above, contain a password disclosure vulnerability. An unprivileged local attacker could potentially exploit this vulnerability, leading to account take over.
CVE-2022-26854 1 Dell 1 Emc Powerscale Onefs 2024-09-17 8.1 High
Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain risky cryptographic algorithms. A remote unprivileged malicious attacker could potentially exploit this vulnerability, leading to full system access
CVE-2020-26195 1 Dell 1 Emc Powerscale Onefs 2024-09-16 5.3 Medium
Dell EMC PowerScale OneFS versions 8.1.2 – 9.1.0 contain an issue where the OneFS SMB directory auto-create may erroneously create a directory for a user. A remote unauthenticated attacker may take advantage of this issue to slow down the system.
CVE-2022-34438 1 Dell 1 Emc Powerscale Onefs 2024-09-16 6.7 Medium
Dell PowerScale OneFS, versions 8.2.x-9.4.0.x, contain a privilege context switching error. A local authenticated malicious user with high privileges could potentially exploit this vulnerability, leading to full system compromise. This impacts compliance mode clusters.
CVE-2022-22549 1 Dell 1 Emc Powerscale Onefs 2024-09-16 7.5 High
Dell PowerScale OneFS, 8.2.x-9.3.x, contains a Improper Certificate Validation. A unauthenticated remote attacker could potentially exploit this vulnerability, leading to a man-in-the-middle capture of administrative credentials.
CVE-2022-32480 1 Dell 1 Emc Powerscale Onefs 2024-09-16 4.3 Medium
Dell PowerScale OneFS, versions 9.0.0, up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an insecure default initialization of a resource vulnerability. A remote authenticated attacker may potentially exploit this vulnerability, leading to information disclosure.
CVE-2021-36279 1 Dell 1 Emc Powerscale Onefs 2024-09-16 7.8 High
Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment for critical resource vulnerability. This could allow a user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE to access privileged information about the cluster.
CVE-2021-36280 1 Dell 1 Emc Powerscale Onefs 2024-09-16 7.8 High
Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment for critical resource vulnerability. This could allow a user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE to access privileged information about the cluster.
CVE-2020-5383 1 Dell 2 Emc Isilon, Emc Powerscale Onefs 2024-09-16 5.3 Medium
Dell EMC Isilon OneFS version 8.2.2 and Dell EMC PowerScale OneFS version 9.0.0 contains a buffer overflow vulnerability in the Likewise component. A remote unauthenticated malicious attacker may potentially exploit this vulnerability to cause a process restart.
CVE-2022-31239 1 Dell 1 Emc Powerscale Onefs 2024-09-16 6.7 Medium
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, and 9.3.0.6, contain sensitive data in log files vulnerability. A privileged local user may potentially exploit this vulnerability, leading to disclosure of this sensitive data.
CVE-2021-21594 1 Dell 1 Emc Powerscale Onefs 2024-09-16 8.2 High
Dell PowerScale OneFS versions 8.2.2 - 9.1.0.x contain a use of get request method with sensitive query strings vulnerability. It can lead to potential disclosure of sensitive data. Dell recommends upgrading at your earliest opportunity.
CVE-2020-26193 1 Dell 1 Emc Powerscale Onefs 2024-09-16 7.8 High
Dell EMC PowerScale OneFS versions 8.1.0 - 9.1.0 contain an improper input validation vulnerability. A user with the ISI_PRIV_CLUSTER privilege may exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application.
CVE-2022-22560 1 Dell 1 Emc Powerscale Onefs 2024-09-16 7.1 High
Dell EMC PowerScale OneFS 8.1.x - 9.1.x contain hard coded credentials. This allows a local user with knowledge of the credentials to login as the admin user to the backend ethernet switch of a PowerScale cluster. The attacker can exploit this vulnerability to take the switch offline.
CVE-2022-22563 1 Dell 1 Emc Powerscale Onefs 2024-09-16 4.4 Medium
Dell EMC Powerscale OneFS 8.2.x - 9.2.x omit security-relevant information in /etc/master.passwd. A high-privileged user can exploit this vulnerability to not record information identifying the source of account information changes.
CVE-2022-33932 1 Dell 1 Emc Powerscale Onefs 2024-09-16 5.3 Medium
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an unprotected primary channel vulnerability. An unauthenticated network malicious attacker may potentially exploit this vulnerability, leading to a denial of filesystem services.
CVE-2022-31238 1 Dell 1 Emc Powerscale Onefs 2024-09-16 4.7 Medium
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain a process invoked with sensitive information vulnerability. A CLI user may potentially exploit this vulnerability, leading to information disclosure.
CVE-2021-21550 1 Dell 1 Emc Powerscale Onefs 2024-09-16 6 Medium
Dell EMC PowerScale OneFS 8.1.0-9.1.0 contain an improper neutralization of special elements used in an OS command vulnerability. This vulnerability can allow an authenticated user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE privileges to escalate privileges.