Search
Total
17 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-31238 | 1 Dell | 1 Emc Powerscale Onefs | 2023-08-08 | N/A | 5.5 MEDIUM |
| Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain a process invoked with sensitive information vulnerability. A CLI user may potentially exploit this vulnerability, leading to information disclosure. | |||||
| CVE-2021-36278 | 1 Dell | 1 Emc Powerscale Onefs | 2022-05-11 | 2.1 LOW | 5.5 MEDIUM |
| Dell EMC PowerScale OneFS versions 8.2.x, 9.1.0.x, and 9.1.1.1 contain a sensitive information exposure vulnerability in log files. A local malicious user with ISI_PRIV_LOGIN_SSH, ISI_PRIV_LOGIN_CONSOLE, or ISI_PRIV_SYS_SUPPORT privileges may exploit this vulnerability to access sensitive information. If any third-party consumes those logs, the same sensitive information is available to those systems as well. | |||||
| CVE-2021-21568 | 1 Dell | 1 Emc Powerscale Onefs | 2022-05-03 | 4.0 MEDIUM | 4.3 MEDIUM |
| Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an insufficient logging vulnerability. An authenticated user with ISI_PRIV_LOGIN_PAPI could make un-audited and un-trackable configuration changes to settings that their roles have privileges to change. | |||||
| CVE-2021-21561 | 1 Dell | 1 Emc Powerscale Onefs | 2021-11-27 | 2.1 LOW | 5.5 MEDIUM |
| Dell PowerScale OneFS version 8.1.2 contains a sensitive information exposure vulnerability. This would allow a malicious user with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE privileges to gain access to sensitive information in the log files. | |||||
| CVE-2021-36305 | 1 Dell | 1 Emc Powerscale Onefs | 2021-11-17 | 4.0 MEDIUM | 6.5 MEDIUM |
| Dell PowerScale OneFS contains an Unsynchronized Access to Shared Data in a Multithreaded Context in SMB CA handling. An authenticated user of SMB on a cluster with CA could potentially exploit this vulnerability, leading to a denial of service over SMB. | |||||
| CVE-2021-36280 | 1 Dell | 1 Emc Powerscale Onefs | 2021-08-25 | 2.1 LOW | 5.5 MEDIUM |
| Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment for critical resource vulnerability. This could allow a user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE to access privileged information about the cluster. | |||||
| CVE-2021-21599 | 1 Dell | 1 Emc Powerscale Onefs | 2021-08-25 | 4.6 MEDIUM | 6.7 MEDIUM |
| Dell EMC PowerScale OneFS versions 8.2.x - 9.2.1.x contain an OS command injection vulnerability. This may allow a user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE to escalate privileges and escape the compliance guarantees. This only impacts Smartlock WORM compliance mode clusters as a critical vulnerability and Dell recommends to update/upgrade at the earliest opportunity. | |||||
| CVE-2021-21595 | 1 Dell | 1 Emc Powerscale Onefs | 2021-08-25 | 4.6 MEDIUM | 6.7 MEDIUM |
| Dell EMC PowerScale OneFS versions 8.2.x - 9.1.1.x contain an improper neutralization of special elements used in an OS command. This vulnerability could allow the compadmin user to elevate privileges. This only impacts Smartlock WORM compliance mode clusters as a critical vulnerability and Dell recommends to update/upgrade at the earliest opportunity. | |||||
| CVE-2021-21594 | 1 Dell | 1 Emc Powerscale Onefs | 2021-08-25 | 5.0 MEDIUM | 5.3 MEDIUM |
| Dell PowerScale OneFS versions 8.2.2 - 9.1.0.x contain a use of get request method with sensitive query strings vulnerability. It can lead to potential disclosure of sensitive data. Dell recommends upgrading at your earliest opportunity. | |||||
| CVE-2021-21592 | 1 Dell | 1 Emc Powerscale Onefs | 2021-08-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x improperly handle an exceptional condition. A remote low privileged user could potentially exploit this vulnerability, leading to unauthorized information disclosure. | |||||
| CVE-2021-21562 | 1 Dell | 1 Emc Powerscale Onefs | 2021-08-11 | 2.1 LOW | 4.4 MEDIUM |
| Dell EMC PowerScale OneFS contains an untrusted search path vulnerability. This vulnerability allows a user with (ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE) and (ISI_PRIV_SYS_UPGRADE or ISI_PRIV_AUDIT) to provide an untrusted path which can lead to run resources that are not under the application’s direct control. | |||||
| CVE-2021-21563 | 1 Dell | 1 Emc Powerscale Onefs | 2021-08-11 | 4.0 MEDIUM | 6.5 MEDIUM |
| Dell EMC PowerScale OneFS versions 8.1.2-9.1.0.x contain an Improper Check for Unusual or Exceptional Conditions in its auditing component.This can lead to an authenticated user with low-privileges to trigger a denial of service event. | |||||
| CVE-2021-21527 | 1 Dell | 1 Emc Powerscale Onefs | 2021-05-14 | 7.2 HIGH | 6.7 MEDIUM |
| Dell PowerScale OneFS 8.1.0-9.1.0 contain an improper neutralization of special elements used in an OS command vulnerability. This vulnerability may allow an authenticated user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE privileges to escalate privileges. | |||||
| CVE-2021-21550 | 1 Dell | 1 Emc Powerscale Onefs | 2021-05-14 | 7.2 HIGH | 6.7 MEDIUM |
| Dell EMC PowerScale OneFS 8.1.0-9.1.0 contain an improper neutralization of special elements used in an OS command vulnerability. This vulnerability can allow an authenticated user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE privileges to escalate privileges. | |||||
| CVE-2020-26196 | 1 Dell | 1 Emc Powerscale Onefs | 2021-02-12 | 2.1 LOW | 5.5 MEDIUM |
| Dell EMC PowerScale OneFS versions 8.1.0-9.1.0 contain a Backup/Restore Privilege implementation issue. A user with the BackupAdmin role may potentially exploit this vulnerability resulting in the ability to write data outside of the intended file system location. | |||||
| CVE-2020-26195 | 1 Dell | 1 Emc Powerscale Onefs | 2021-02-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| Dell EMC PowerScale OneFS versions 8.1.2 – 9.1.0 contain an issue where the OneFS SMB directory auto-create may erroneously create a directory for a user. A remote unauthenticated attacker may take advantage of this issue to slow down the system. | |||||
| CVE-2020-5383 | 1 Dell | 2 Emc Isilon, Emc Powerscale Onefs | 2020-09-04 | 5.0 MEDIUM | 5.3 MEDIUM |
| Dell EMC Isilon OneFS version 8.2.2 and Dell EMC PowerScale OneFS version 9.0.0 contains a buffer overflow vulnerability in the Likewise component. A remote unauthenticated malicious attacker may potentially exploit this vulnerability to cause a process restart. | |||||