CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-24413
https://notcve.org/view.php?id=CVE-2022-24413
12 Apr 2022 — Dell PowerScale OneFS, versions 8.2.2-9.3.x, contain a time-of-check-to-time-of-use vulnerability. A local user with access to the filesystem could potentially exploit this vulnerability, leading to data loss. Dell PowerScale OneFS, versiones 8.2.2-9.3.x, contienen una vulnerabilidad de tiempo de comprobación a tiempo de uso. Un usuario local con acceso al sistema de archivos podría explotar esta vulnerabilidad, conllevando a una pérdida de datos • https://www.dell.com/support/kbdoc/000196657 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-24412
https://notcve.org/view.php?id=CVE-2022-24412
12 Apr 2022 — Dell EMC PowerScale OneFS 8.2.x - 9.3.0.x contain an improper handling of value vulnerability. An unprivileged network attacker could potentially exploit this vulnerability, leading to denial-of-service. Dell EMC PowerScale OneFS versiones 8.2.x - 9.3.0.x, contienen una vulnerabilidad de manejo inapropiado de valores. Un atacante de red no privilegiado podría explotar esta vulnerabilidad, conllevando a una denegación de servicio • https://www.dell.com/support/kbdoc/000196657 • CWE-229: Improper Handling of Values •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-24411
https://notcve.org/view.php?id=CVE-2022-24411
12 Apr 2022 — Dell PowerScale OneFS 8.2.2 and above contain an elevation of privilege vulnerability. A local attacker with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE could potentially exploit this vulnerability, leading to elevation of privilege. This could potentially allow users to circumvent PowerScale Compliance Mode guarantees. Dell PowerScale OneFS versiones 8.2.2 y superiores, contienen una vulnerabilidad de elevación de privilegios. Un atacante local con ISI_PRIV_LOGIN_SSH y/o ISI_PRIV_LOGIN_CONSOLE podría ... • https://www.dell.com/support/kbdoc/000196657 • CWE-378: Creation of Temporary File With Insecure Permissions CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-23163
https://notcve.org/view.php?id=CVE-2022-23163
12 Apr 2022 — Dell PowerScale OneFS, 8.2,x, 9.1.0.x, 9.2.1.x, and 9.3.0.x contain a denial of service vulnerability. A local malicious user could potentially exploit this vulnerability, leading to denial of service/data unavailability. Dell PowerScale OneFS, 8.2,x, 9.1.0.x, 9.2.1.x y 9.3.0.x, contienen una vulnerabilidad de denegación de servicio. Un usuario local malicioso podría explotar esta vulnerabilidad, conllevando a una denegación de servicio o indisponibilidad de datos • https://www.dell.com/support/kbdoc/000196009 • CWE-379: Creation of Temporary File in Directory with Insecure Permissions CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-23161
https://notcve.org/view.php?id=CVE-2022-23161
12 Apr 2022 — Dell PowerScale OneFS versions 8.2.x - 9.3.0.x contain a denial-of-service vulnerability in SmartConnect. An unprivileged network attacker may potentially exploit this vulnerability, leading to denial-of-service. Las versiones 8.2.x - 9.3.0.x de Dell PowerScale OneFS contienen una vulnerabilidad de denegación de servicio en SmartConnect. Un atacante de red sin privilegios puede explotar potencialmente esta vulnerabilidad, llevando a la denegación de servicio • https://www.dell.com/support/kbdoc/000196009 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-23160
https://notcve.org/view.php?id=CVE-2022-23160
12 Apr 2022 — Dell PowerScale OneFS, versions 8.2.0-9.3.0, contains an Improper Handling of Insufficient Permissions vulnerability. An remote malicious user could potentially exploit this vulnerability, leading to gaining write permissions on read-only files. Dell PowerScale OneFS, versiones 8.2.0-9.3.0, contiene una vulnerabilidad de manejo inapropiado de permisos insuficientes. Un usuario malicioso remoto podría explotar esta vulnerabilidad, conllevando a una obtención de permisos de escritura en archivos de sólo lectu... • https://www.dell.com/support/kbdoc/000196009 • CWE-269: Improper Privilege Management CWE-274: Improper Handling of Insufficient Privileges •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-23159
https://notcve.org/view.php?id=CVE-2022-23159
12 Apr 2022 — Dell PowerScale OneFS, 8.2.2 - 9.3.0.x, contain a missing release of memory after effective lifetime vulnerability. An authenticated user with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE and ISI_PRIV_AUTH_PROVIDERS privileges could exploit this vulnerability, leading to a Denial-Of-Service. This can also impact a cluster in Compliance mode. Dell recommends to update at the earliest opportunity. Dell PowerScale OneFS, 8.2.2 - 9.3.0.x, contiene una vulnerabilidad de falta de liberación de memoria después... • https://www.dell.com/support/kbdoc/000196009 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-22565
https://notcve.org/view.php?id=CVE-2022-22565
12 Apr 2022 — Dell PowerScale OneFS, versions 9.0.0-9.3.0, contain an improper authorization of index containing sensitive information. An authenticated and privileged user could potentially exploit this vulnerability, leading to disclosure or modification of sensitive data. Dell PowerScale OneFS, versiones 9.0.0-9.3.0, contienen una autorización inapropiada de índice que contiene información confidencial. Un usuario autenticado y con privilegios podría explotar esta vulnerabilidad, conllevando a una divulgación o modifi... • https://www.dell.com/support/kbdoc/000195815 • CWE-612: Improper Authorization of Index Containing Sensitive Information •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-22562
https://notcve.org/view.php?id=CVE-2022-22562
12 Apr 2022 — Dell PowerScale OneFS, versions 8.2.0-9.3.0, contain a improper handling of missing values exploit. An unauthenticated network attacker could potentially exploit this denial-of-service vulnerability. Dell PowerScale OneFS, versiones 8.2.0-9.3.0, contienen una explotación de manejo inapropiado de valores perdidos. Un atacante de red no autenticado podría explotar esta vulnerabilidad de denegación de servicio • https://www.dell.com/support/kbdoc/000195815 • CWE-229: Improper Handling of Values •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-22561
https://notcve.org/view.php?id=CVE-2022-22561
12 Apr 2022 — Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contain an improper restriction of excessive authentication attempts. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to compromised accounts. Dell PowerScale OneFS, versiones 8.2.x-9.3.0.x, contienen una restricción inapropiada de intentos de autenticación excesivos. Un atacante remoto no autenticado podría explotar esta vulnerabilidad, conllevando a cuentas comprometidas • https://www.dell.com/support/kbdoc/000195815 • CWE-307: Improper Restriction of Excessive Authentication Attempts •