Powerscale Onefs
by Dell
CVEs (178)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-25952 | 0.00 | — | 0.00 | Mar 28, 2024 | Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an UNIX symbolic link (symlink) following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to denial of service, information tampering. | |||
| CVE-2024-25960 | 0.00 | — | 0.00 | Mar 28, 2024 | Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains a cleartext transmission of sensitive information vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to escalation of privileges. | |||
| CVE-2024-25961 | 0.00 | — | 0.00 | Mar 28, 2024 | Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an improper privilege management vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to escalation of privileges. | |||
| CVE-2024-25959 | 0.00 | — | 0.00 | Mar 28, 2024 | Dell PowerScale OneFS versions 9.4.0.x through 9.7.0.x contains an insertion of sensitive information into log file vulnerability. A low privileged local attacker could potentially exploit this vulnerability, leading to sensitive information disclosure, escalation of privileges. | |||
| CVE-2024-25964 | 0.00 | — | 0.01 | Mar 25, 2024 | Dell PowerScale OneFS 9.5.0.x through 9.7.0.x contain a covert timing channel vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service. | |||
| CVE-2024-24901 | 0.00 | — | 0.00 | Mar 4, 2024 | Dell PowerScale OneFS 8.2.x through 9.6.0.x contain an insufficient logging vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability, causing audit messages lost and not recorded for a specific time period. | |||
| CVE-2024-22463 | 0.00 | — | 0.00 | Mar 4, 2024 | Dell PowerScale OneFS 8.2.x through 9.6.0.x contains a use of a broken or risky cryptographic algorithm vulnerability. A remote unprivileged attacker could potentially exploit this vulnerability, leading to compromise of confidentiality and integrity of sensitive information | |||
| CVE-2024-22430 | 0.00 | — | 0.00 | Feb 1, 2024 | Dell PowerScale OneFS versions 8.2.x through 9.6.0.x contains an incorrect default permissions vulnerability. A local low privileges malicious user could potentially exploit this vulnerability, leading to denial of service. | |||
| CVE-2024-22449 | 0.00 | — | 0.00 | Feb 1, 2024 | Dell PowerScale OneFS versions 9.0.0.x through 9.6.0.x contains a missing authentication for critical function vulnerability. A low privileged local malicious user could potentially exploit this vulnerability to gain elevated access. | |||
| CVE-2023-44295 | 0.00 | — | 0.00 | Dec 5, 2023 | Dell PowerScale OneFS versions 8.2.2.x through 9.6.0.x contains an improper control of a resource through its lifetime vulnerability. A low privilege attacker could potentially exploit this vulnerability, leading to loss of information, and information disclosure. | |||
| CVE-2023-44288 | 0.00 | — | 0.01 | Dec 5, 2023 | Dell PowerScale OneFS, 8.2.2.x through 9.6.0.x, contains an improper control of a resource through its lifetime vulnerability. An unauthenticated network attacker could potentially exploit this vulnerability, leading to denial of service. | |||
| CVE-2023-43076 | 0.00 | — | 0.01 | Nov 2, 2023 | Dell PowerScale OneFS 8.2.x,9.0.0.x-9.5.0.x contains a denial-of-service vulnerability. A low privilege remote attacker could potentially exploit this vulnerability to cause an out of memory (OOM) condition. | |||
| CVE-2023-43087 | 0.00 | — | 0.00 | Nov 2, 2023 | Dell PowerScale OneFS 8.2.x, 9.0.0.x-9.5.0.x contains an improper handling of insufficient permissions. A low privileged remote attacker could potentially exploit this vulnerability to cause information disclosure. | |||
| CVE-2023-32457 | 0.00 | — | 0.00 | Aug 29, 2023 | Dell PowerScale OneFS, versions 8.2.2.x-9.5.0.x, contains an improper privilege management vulnerability. A remote attacker with low privileges could potentially exploit this vulnerability, leading to escalation of privileges. | |||
| CVE-2023-32493 | 0.00 | — | 0.01 | Aug 16, 2023 | Dell PowerScale OneFS, 9.5.0.x, contains a protection mechanism bypass vulnerability. An unprivileged, remote attacker could potentially exploit this vulnerability, leading to denial of service, information disclosure and remote execution. | |||
| CVE-2023-32492 | 0.00 | — | 0.00 | Aug 16, 2023 | Dell PowerScale OneFS 9.5.0.x contains an incorrect default permissions vulnerability. A low-privileged local attacker could potentially exploit this vulnerability, leading to information disclosure or allowing to modify files. | |||
| CVE-2023-32491 | 0.00 | — | 0.00 | Aug 16, 2023 | Dell PowerScale OneFS 9.5.0.x, contains an insertion of sensitive information into log file vulnerability in SNMPv3. A low privileges user could potentially exploit this vulnerability, leading to information disclosure. | |||
| CVE-2023-32490 | 0.00 | — | 0.00 | Aug 16, 2023 | Dell PowerScale OneFS 8.2x -9.5x contains an improper privilege management vulnerability. A high privilege local attacker could potentially exploit this vulnerability, leading to system takeover. | |||
| CVE-2023-32489 | 0.00 | — | 0.00 | Aug 16, 2023 | Dell PowerScale OneFS 8.2x -9.5x contains a privilege escalation vulnerability. A local attacker with high privileges could potentially exploit this vulnerability, to bypass mode protections and gain elevated privileges. | |||
| CVE-2023-32488 | 0.00 | — | 0.00 | Aug 16, 2023 | Dell PowerScale OneFS, 8.2.x-9.5.0.x, contains an information disclosure vulnerability in NFS. A low privileged attacker could potentially exploit this vulnerability, leading to information disclosure. |
- CVE-2024-25952Mar 28, 2024risk 0.00cvss —epss 0.00
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an UNIX symbolic link (symlink) following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to denial of service, information tampering.
- CVE-2024-25960Mar 28, 2024risk 0.00cvss —epss 0.00
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains a cleartext transmission of sensitive information vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to escalation of privileges.
- CVE-2024-25961Mar 28, 2024risk 0.00cvss —epss 0.00
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an improper privilege management vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to escalation of privileges.
- CVE-2024-25959Mar 28, 2024risk 0.00cvss —epss 0.00
Dell PowerScale OneFS versions 9.4.0.x through 9.7.0.x contains an insertion of sensitive information into log file vulnerability. A low privileged local attacker could potentially exploit this vulnerability, leading to sensitive information disclosure, escalation of privileges.
- CVE-2024-25964Mar 25, 2024risk 0.00cvss —epss 0.01
Dell PowerScale OneFS 9.5.0.x through 9.7.0.x contain a covert timing channel vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service.
- CVE-2024-24901Mar 4, 2024risk 0.00cvss —epss 0.00
Dell PowerScale OneFS 8.2.x through 9.6.0.x contain an insufficient logging vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability, causing audit messages lost and not recorded for a specific time period.
- CVE-2024-22463Mar 4, 2024risk 0.00cvss —epss 0.00
Dell PowerScale OneFS 8.2.x through 9.6.0.x contains a use of a broken or risky cryptographic algorithm vulnerability. A remote unprivileged attacker could potentially exploit this vulnerability, leading to compromise of confidentiality and integrity of sensitive information
- CVE-2024-22430Feb 1, 2024risk 0.00cvss —epss 0.00
Dell PowerScale OneFS versions 8.2.x through 9.6.0.x contains an incorrect default permissions vulnerability. A local low privileges malicious user could potentially exploit this vulnerability, leading to denial of service.
- CVE-2024-22449Feb 1, 2024risk 0.00cvss —epss 0.00
Dell PowerScale OneFS versions 9.0.0.x through 9.6.0.x contains a missing authentication for critical function vulnerability. A low privileged local malicious user could potentially exploit this vulnerability to gain elevated access.
- CVE-2023-44295Dec 5, 2023risk 0.00cvss —epss 0.00
Dell PowerScale OneFS versions 8.2.2.x through 9.6.0.x contains an improper control of a resource through its lifetime vulnerability. A low privilege attacker could potentially exploit this vulnerability, leading to loss of information, and information disclosure.
- CVE-2023-44288Dec 5, 2023risk 0.00cvss —epss 0.01
Dell PowerScale OneFS, 8.2.2.x through 9.6.0.x, contains an improper control of a resource through its lifetime vulnerability. An unauthenticated network attacker could potentially exploit this vulnerability, leading to denial of service.
- CVE-2023-43076Nov 2, 2023risk 0.00cvss —epss 0.01
Dell PowerScale OneFS 8.2.x,9.0.0.x-9.5.0.x contains a denial-of-service vulnerability. A low privilege remote attacker could potentially exploit this vulnerability to cause an out of memory (OOM) condition.
- CVE-2023-43087Nov 2, 2023risk 0.00cvss —epss 0.00
Dell PowerScale OneFS 8.2.x, 9.0.0.x-9.5.0.x contains an improper handling of insufficient permissions. A low privileged remote attacker could potentially exploit this vulnerability to cause information disclosure.
- CVE-2023-32457Aug 29, 2023risk 0.00cvss —epss 0.00
Dell PowerScale OneFS, versions 8.2.2.x-9.5.0.x, contains an improper privilege management vulnerability. A remote attacker with low privileges could potentially exploit this vulnerability, leading to escalation of privileges.
- CVE-2023-32493Aug 16, 2023risk 0.00cvss —epss 0.01
Dell PowerScale OneFS, 9.5.0.x, contains a protection mechanism bypass vulnerability. An unprivileged, remote attacker could potentially exploit this vulnerability, leading to denial of service, information disclosure and remote execution.
- CVE-2023-32492Aug 16, 2023risk 0.00cvss —epss 0.00
Dell PowerScale OneFS 9.5.0.x contains an incorrect default permissions vulnerability. A low-privileged local attacker could potentially exploit this vulnerability, leading to information disclosure or allowing to modify files.
- CVE-2023-32491Aug 16, 2023risk 0.00cvss —epss 0.00
Dell PowerScale OneFS 9.5.0.x, contains an insertion of sensitive information into log file vulnerability in SNMPv3. A low privileges user could potentially exploit this vulnerability, leading to information disclosure.
- CVE-2023-32490Aug 16, 2023risk 0.00cvss —epss 0.00
Dell PowerScale OneFS 8.2x -9.5x contains an improper privilege management vulnerability. A high privilege local attacker could potentially exploit this vulnerability, leading to system takeover.
- CVE-2023-32489Aug 16, 2023risk 0.00cvss —epss 0.00
Dell PowerScale OneFS 8.2x -9.5x contains a privilege escalation vulnerability. A local attacker with high privileges could potentially exploit this vulnerability, to bypass mode protections and gain elevated privileges.
- CVE-2023-32488Aug 16, 2023risk 0.00cvss —epss 0.00
Dell PowerScale OneFS, 8.2.x-9.5.0.x, contains an information disclosure vulnerability in NFS. A low privileged attacker could potentially exploit this vulnerability, leading to information disclosure.
Page 4 of 9