Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Dell Subscribe
Filtered by product Powerscale Onefs
Total 11 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-25536 1 Dell 1 Powerscale Onefs 2023-03-10 N/A 6.7 MEDIUM
Dell PowerScale OneFS 9.4.0.x contains exposure of sensitive information to an unauthorized actor. A malicious authenticated local user could potentially exploit this vulnerability in certificate management, leading to a potential system takeover.
CVE-2022-34444 1 Dell 1 Powerscale Onefs 2023-02-21 N/A 7.5 HIGH
Dell PowerScale OneFS, versions 9.2.0.x through 9.4.0.x contain an information vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to cause data leak.
CVE-2022-34445 1 Dell 1 Powerscale Onefs 2023-02-21 N/A 4.4 MEDIUM
Dell PowerScale OneFS, versions 8.2.x through 9.3.x contain a weak encoding for a password. A malicious local privileged attacker may potentially exploit this vulnerability, leading to information disclosure.
CVE-2021-21565 1 Dell 1 Powerscale Onefs 2022-10-24 5.0 MEDIUM 5.3 MEDIUM
Dell PowerScale OneFS versions 9.1.0.3 and earlier contain a denial of service vulnerability. SmartConnect had an error condition that may be triggered to loop, using CPU and potentially preventing other SmartConnect DNS responses.
CVE-2022-31230 1 Dell 1 Powerscale Onefs 2022-07-11 10.0 HIGH 9.8 CRITICAL
Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain broken or risky cryptographic algorithm. A remote unprivileged malicious attacker could potentially exploit this vulnerability, leading to full system access.
CVE-2022-31229 1 Dell 1 Powerscale Onefs 2022-07-08 4.0 MEDIUM 4.9 MEDIUM
Dell PowerScale OneFS, 8.2.x through 9.3.0.x, contain an error message with sensitive information. An administrator could potentially exploit this vulnerability, leading to disclosure of sensitive information. This sensitive information can be used to access sensitive resources.
CVE-2022-29098 1 Dell 1 Powerscale Onefs 2022-06-08 5.0 MEDIUM 7.5 HIGH
Dell PowerScale OneFS versions 8.2.0.x through 9.3.0.x, contain a weak password requirement vulnerability. An administrator may create an account with no password. A remote attacker may potentially exploit this leading to a user account compromise.
CVE-2021-21567 1 Dell 1 Powerscale Onefs 2022-04-26 4.6 MEDIUM 7.8 HIGH
Dell PowerScale OneFS 9.1.0.x contains an improper privilege management vulnerability. It may allow an authenticated user with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE to elevate privilege.
CVE-2021-36350 1 Dell 1 Powerscale Onefs 2022-01-05 5.0 MEDIUM 7.5 HIGH
Dell PowerScale OneFS, versions 8.2.2-9.3.0.x, contain an authentication bypass by primary weakness in one of the authentication factors. A remote unauthenticated attacker may potentially exploit this vulnerability and bypass one of the factors of authentication.
CVE-2021-21553 1 Dell 1 Powerscale Onefs 2021-08-11 7.2 HIGH 8.8 HIGH
Dell PowerScale OneFS versions 8.1.0-9.1.0 contain an Incorrect User Management vulnerability.under some specific conditions, this can allow the CompAdmin user to elevate privileges and break out of Compliance mode. This is a critical vulnerability and Dell recommends upgrading at the earliest.
CVE-2021-21526 1 Dell 1 Powerscale Onefs 2021-04-27 7.2 HIGH 6.7 MEDIUM
Dell PowerScale OneFS 8.1.0 - 9.1.0 contains a privilege escalation in SmartLock compliance mode that may allow compadmin to execute arbitrary commands as root.