Filtered by vendor Dell
Subscriptions
Filtered by product Emc Powerscale Onefs
Subscriptions
Total
84 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-5371 | 1 Dell | 2 Emc Isilon Onefs, Emc Powerscale Onefs | 2024-09-16 | 8 High |
| Dell EMC Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale version 9.0.0 contain a file permissions vulnerability. An attacker, with network or local file access, could take advantage of insufficiently applied file permissions or gain unauthorized access to files. | ||||
| CVE-2022-22561 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-16 | 8.1 High |
| Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contain an improper restriction of excessive authentication attempts. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to compromised accounts. | ||||
| CVE-2020-5369 | 1 Dell | 2 Emc Isilon Onefs, Emc Powerscale Onefs | 2024-09-16 | 8.8 High |
| Dell EMC Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 contain a privilege escalation vulnerability. An authenticated malicious user may exploit this vulnerability by using SyncIQ to gain unauthorized access to system management files. | ||||
| CVE-2022-23161 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-16 | 7.5 High |
| Dell PowerScale OneFS versions 8.2.x - 9.3.0.x contain a denial-of-service vulnerability in SmartConnect. An unprivileged network attacker may potentially exploit this vulnerability, leading to denial-of-service. | ||||
| CVE-2022-22565 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-16 | 4.7 Medium |
| Dell PowerScale OneFS, versions 9.0.0-9.3.0, contain an improper authorization of index containing sensitive information. An authenticated and privileged user could potentially exploit this vulnerability, leading to disclosure or modification of sensitive data. | ||||
| CVE-2021-21561 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-16 | 7.8 High |
| Dell PowerScale OneFS version 8.1.2 contains a sensitive information exposure vulnerability. This would allow a malicious user with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE privileges to gain access to sensitive information in the log files. | ||||
| CVE-2021-21528 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-16 | 7.5 High |
| Dell EMC PowerScale OneFS versions 9.1.0, 9.2.0.x, 9.2.1.x contain an Exposure of Information through Directory Listing vulnerability. This vulnerability is triggered when upgrading from a previous versions. | ||||
| CVE-2022-34371 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-16 | 8.1 High |
| Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.3, contain an unprotected transport of credentials vulnerability. A malicious unprivileged network attacker could potentially exploit this vulnerability, leading to full system compromise. | ||||
| CVE-2021-36305 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-16 | 6.5 Medium |
| Dell PowerScale OneFS contains an Unsynchronized Access to Shared Data in a Multithreaded Context in SMB CA handling. An authenticated user of SMB on a cluster with CA could potentially exploit this vulnerability, leading to a denial of service over SMB. | ||||
| CVE-2020-26191 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-16 | 7.8 High |
| Dell EMC PowerScale OneFS versions 8.1.0 - 9.1.0 contain a privilege escalation vulnerability. A user with ISI_PRIV_JOB_ENGINE may use the PermissionRepair job to grant themselves the highest level of RBAC privileges thus being able to read arbitrary data, tamper with system software or deny service to users. | ||||
| CVE-2021-21527 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-16 | 6 Medium |
| Dell PowerScale OneFS 8.1.0-9.1.0 contain an improper neutralization of special elements used in an OS command vulnerability. This vulnerability may allow an authenticated user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE privileges to escalate privileges. | ||||
| CVE-2020-26196 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-16 | 5.5 Medium |
| Dell EMC PowerScale OneFS versions 8.1.0-9.1.0 contain a Backup/Restore Privilege implementation issue. A user with the BackupAdmin role may potentially exploit this vulnerability resulting in the ability to write data outside of the intended file system location. | ||||
| CVE-2022-34437 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-16 | 6.7 Medium |
| Dell PowerScale OneFS, versions 8.2.2-9.3.0, contain an OS command injection vulnerability. A privileged local malicious user could potentially exploit this vulnerability, leading to a full system compromise. This impacts compliance mode clusters. | ||||
| CVE-2020-26181 | 1 Dell | 2 Emc Isilon Onefs, Emc Powerscale Onefs | 2024-09-16 | 7 High |
| Dell EMC Isilon OneFS versions 8.1 and later and Dell EMC PowerScale OneFS version 9.0.0 contain a privilege escalation vulnerability on a SmartLock Compliance mode cluster. The compadmin user connecting using ISI PRIV LOGIN SSH or ISI PRIV LOGIN CONSOLE can elevate privileges to the root user if they have ISI PRIV HARDENING privileges. | ||||
| CVE-2021-21563 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-16 | 6.5 Medium |
| Dell EMC PowerScale OneFS versions 8.1.2-9.1.0.x contain an Improper Check for Unusual or Exceptional Conditions in its auditing component.This can lead to an authenticated user with low-privileges to trigger a denial of service event. | ||||
| CVE-2022-34369 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-16 | 8.1 High |
| Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.20, 9.2.1.13, 9.3.0.6, and 9.4.0.3 , contain an insertion of sensitive information in log files vulnerability. A remote unprivileged attacker could potentially exploit this vulnerability, leading to exposure of this sensitive data. | ||||
| CVE-2022-31237 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-16 | 3.3 Low |
| Dell PowerScale OneFS, versions 9.2.0 up to and including 9.2.1.12 and 9.3.0.5 contain an improper preservation of permissions vulnerability in SyncIQ. A low privileged local attacker may potentially exploit this vulnerability, leading to limited information disclosure. | ||||
| CVE-2020-26197 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-16 | 7.5 High |
| Dell PowerScale OneFS 8.1.0 - 9.1.0 contains an LDAP Provider inability to connect over TLSv1.2 vulnerability. It may make it easier to eavesdrop and decrypt such traffic for a malicious actor. Note: This does not affect clusters which are not relying on an LDAP server for the authentication provider. | ||||
| CVE-2021-21502 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-16 | 9.8 Critical |
| Dell PowerScale OneFS versions 8.1.0 – 9.1.0 contain a "use of SSH key past account expiration" vulnerability. A user on the network with the ISI_PRIV_AUTH_SSH RBAC privilege that has an expired account may potentially exploit this vulnerability, giving them access to the same things they had before account expiration. This may by a high privileged account and hence Dell recommends customers upgrade at the earliest opportunity. | ||||
| CVE-2022-26851 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-16 | 9.1 Critical |
| Dell PowerScale OneFS, 8.2.2-9.3.x, contains a predictable file name from observable state vulnerability. An unprivileged network attacker could potentially exploit this vulnerability, leading to data loss. | ||||