Powerscale Onefs
by Dell
CVEs (178)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-43723 | 0.00 | — | 0.00 | Nov 10, 2025 | Dell PowerScale OneFS, versions prior to 9.10.1.3 and versions 9.11.0.0 through 9.12.0.0, contains a use of a broken or risky cryptographic algorithm vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to… | |||
| CVE-2025-43724 | 0.00 | — | 0.00 | Oct 8, 2025 | Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an authorization bypass through user-controlled key vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to gain unauthorized access to NFSv4 or SMB shares. | |||
| CVE-2025-36601 | 0.00 | — | 0.00 | Sep 25, 2025 | Dell PowerScale OneFS, versions 9.5.0.0 through 9.11.0.0, contains an exposure of sensitive information to an unauthorized actor vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to Information disclosure. | |||
| CVE-2025-43722 | 0.00 | — | 0.00 | Sep 8, 2025 | Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an improper privilege management vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges. | |||
| CVE-2025-30477 | 0.00 | — | 0.00 | Jul 21, 2025 | Dell PowerScale OneFS, versions prior to 9.11.0.0, contains a use of a broken or risky cryptographic algorithm vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. | |||
| CVE-2024-53298 | 0.00 | — | 0.00 | Jun 20, 2025 | Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.0.1, contains a missing authorization vulnerability in the NFS export. An unauthenticated attacker with remote access could potentially exploit this vulnerability leading to unauthorized filesystem access. The attacker may be… | |||
| CVE-2025-32753 | 0.00 | — | 0.00 | Jun 20, 2025 | Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.0.1, contains an improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to denial… | |||
| CVE-2025-26481 | 0.00 | — | 0.00 | May 15, 2025 | Dell PowerScale OneFS, versions 9.4.0.0 through 9.9.0.0, contains an uncontrolled resource consumption vulnerability. A remote unprivileged attacker could potentially exploit this vulnerability, leading to denial of service. | |||
| CVE-2025-30101 | 0.00 | — | 0.00 | May 8, 2025 | Dell PowerScale OneFS, versions 9.8.0.0 through 9.10.1.0, contain a time-of-check time-of-use (TOCTOU) race condition vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to denial of service and information tampering. | |||
| CVE-2025-30102 | 0.00 | — | 0.00 | May 8, 2025 | Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.1.0, contains an out-of-bounds write vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to denial of service. | |||
| CVE-2025-26479 | 0.00 | — | 0.00 | Apr 10, 2025 | Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.0, contains an out-of-bounds write vulnerability. An attacker could potentially exploit this vulnerability in NFS workflows, leading to data integrity issues. | |||
| CVE-2025-23378 | 0.00 | — | 0.00 | Apr 10, 2025 | Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.0, contains an exposure of information through directory listing vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to information disclosure. | |||
| CVE-2025-26480 | 0.00 | — | 0.00 | Apr 10, 2025 | Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.0.0, contains an uncontrolled resource consumption vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service. | |||
| CVE-2025-22471 | 0.00 | — | 0.00 | Apr 10, 2025 | Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.1, contains an integer overflow or wraparound vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service. | |||
| CVE-2025-26330 | 0.00 | — | 0.00 | Apr 10, 2025 | Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.1, contains an incorrect authorization vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability to access the cluster with previous privileges of a disabled user account. | |||
| CVE-2025-27690 | 0.00 | — | 0.00 | Apr 10, 2025 | Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.1.0, contains a use of default password vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to the takeover of a high privileged user account. | |||
| CVE-2024-47239 | 0.00 | — | 0.00 | Jan 8, 2025 | Dell PowerScale OneFS versions 8.2.2.x through 9.9.0.0 contain an uncontrolled resource consumption vulnerability. A remote low privileged attacker could potentially exploit this vulnerability, leading to denial of service. | |||
| CVE-2024-47475 | 0.00 | — | 0.00 | Jan 6, 2025 | Dell PowerScale OneFS 8.2.2.x through 9.8.0.x contains an incorrect permission assignment for critical resource vulnerability. A locally authenticated attacker could potentially exploit this vulnerability, leading to denial of service. | |||
| CVE-2024-42426 | 0.00 | — | 0.00 | Dec 9, 2024 | Dell PowerScale OneFS Versions 9.5.0.x through 9.8.0.x contain an uncontrolled resource consumption vulnerability. A low privilege remote attacker could potentially exploit this vulnerability, leading to denial of service. | |||
| CVE-2024-49603 | 0.00 | — | 0.00 | Dec 9, 2024 | Dell PowerScale OneFS Versions 8.2.2.x through 9.9.0.x contain an incorrect specified argument vulnerability. A remote low privileged legitimate user could potentially exploit this vulnerability, leading to information disclosure. |
- CVE-2025-43723Nov 10, 2025risk 0.00cvss —epss 0.00
Dell PowerScale OneFS, versions prior to 9.10.1.3 and versions 9.11.0.0 through 9.12.0.0, contains a use of a broken or risky cryptographic algorithm vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to…
- CVE-2025-43724Oct 8, 2025risk 0.00cvss —epss 0.00
Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an authorization bypass through user-controlled key vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to gain unauthorized access to NFSv4 or SMB shares.
- CVE-2025-36601Sep 25, 2025risk 0.00cvss —epss 0.00
Dell PowerScale OneFS, versions 9.5.0.0 through 9.11.0.0, contains an exposure of sensitive information to an unauthorized actor vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to Information disclosure.
- CVE-2025-43722Sep 8, 2025risk 0.00cvss —epss 0.00
Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an improper privilege management vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges.
- CVE-2025-30477Jul 21, 2025risk 0.00cvss —epss 0.00
Dell PowerScale OneFS, versions prior to 9.11.0.0, contains a use of a broken or risky cryptographic algorithm vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.
- CVE-2024-53298Jun 20, 2025risk 0.00cvss —epss 0.00
Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.0.1, contains a missing authorization vulnerability in the NFS export. An unauthenticated attacker with remote access could potentially exploit this vulnerability leading to unauthorized filesystem access. The attacker may be…
- CVE-2025-32753Jun 20, 2025risk 0.00cvss —epss 0.00
Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.0.1, contains an improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to denial…
- CVE-2025-26481May 15, 2025risk 0.00cvss —epss 0.00
Dell PowerScale OneFS, versions 9.4.0.0 through 9.9.0.0, contains an uncontrolled resource consumption vulnerability. A remote unprivileged attacker could potentially exploit this vulnerability, leading to denial of service.
- CVE-2025-30101May 8, 2025risk 0.00cvss —epss 0.00
Dell PowerScale OneFS, versions 9.8.0.0 through 9.10.1.0, contain a time-of-check time-of-use (TOCTOU) race condition vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to denial of service and information tampering.
- CVE-2025-30102May 8, 2025risk 0.00cvss —epss 0.00
Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.1.0, contains an out-of-bounds write vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to denial of service.
- CVE-2025-26479Apr 10, 2025risk 0.00cvss —epss 0.00
Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.0, contains an out-of-bounds write vulnerability. An attacker could potentially exploit this vulnerability in NFS workflows, leading to data integrity issues.
- CVE-2025-23378Apr 10, 2025risk 0.00cvss —epss 0.00
Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.0, contains an exposure of information through directory listing vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to information disclosure.
- CVE-2025-26480Apr 10, 2025risk 0.00cvss —epss 0.00
Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.0.0, contains an uncontrolled resource consumption vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service.
- CVE-2025-22471Apr 10, 2025risk 0.00cvss —epss 0.00
Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.1, contains an integer overflow or wraparound vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service.
- CVE-2025-26330Apr 10, 2025risk 0.00cvss —epss 0.00
Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.1, contains an incorrect authorization vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability to access the cluster with previous privileges of a disabled user account.
- CVE-2025-27690Apr 10, 2025risk 0.00cvss —epss 0.00
Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.1.0, contains a use of default password vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to the takeover of a high privileged user account.
- CVE-2024-47239Jan 8, 2025risk 0.00cvss —epss 0.00
Dell PowerScale OneFS versions 8.2.2.x through 9.9.0.0 contain an uncontrolled resource consumption vulnerability. A remote low privileged attacker could potentially exploit this vulnerability, leading to denial of service.
- CVE-2024-47475Jan 6, 2025risk 0.00cvss —epss 0.00
Dell PowerScale OneFS 8.2.2.x through 9.8.0.x contains an incorrect permission assignment for critical resource vulnerability. A locally authenticated attacker could potentially exploit this vulnerability, leading to denial of service.
- CVE-2024-42426Dec 9, 2024risk 0.00cvss —epss 0.00
Dell PowerScale OneFS Versions 9.5.0.x through 9.8.0.x contain an uncontrolled resource consumption vulnerability. A low privilege remote attacker could potentially exploit this vulnerability, leading to denial of service.
- CVE-2024-49603Dec 9, 2024risk 0.00cvss —epss 0.00
Dell PowerScale OneFS Versions 8.2.2.x through 9.9.0.x contain an incorrect specified argument vulnerability. A remote low privileged legitimate user could potentially exploit this vulnerability, leading to information disclosure.
Page 2 of 9