Page 11 of 61 results (0.009 seconds)

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment for critical resource vulnerability. This could allow a user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE to access privileged information about the cluster. Dell EMC PowerScale OneFS versiones 8.2.x - 9.2.x, contienen una vulnerabilidad de asignación de permisos incorrecta para recursos críticos. Esto podría permitir a un usuario privilegiado ISI_PRIV_LOGIN_SSH o ISI_PRIV_LOGIN_CONSOLE acceder a información privilegiada sobre el clúster. • https://www.dell.com/support/kbdoc/000190408 • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment for critical resource vulnerability. This could allow a user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE to access privileged information about the cluster. Dell EMC PowerScale OneFS versiones 8.2.x - 9.2.x, contienen una asignación de permisos incorrecta para la vulnerabilidad de los recursos críticos. Esto podría permitir a un usuario privilegiado ISI_PRIV_LOGIN_SSH o ISI_PRIV_LOGIN_CONSOLE acceder a información privilegiada sobre el cluster. • https://www.dell.com/support/kbdoc/000190408 • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 8.1EPSS: 0%CPEs: 4EXPL: 0

Dell EMC PowerScale OneFS versions 8.2.x, 9.1.0.x, and 9.1.1.1 contain a sensitive information exposure vulnerability in log files. A local malicious user with ISI_PRIV_LOGIN_SSH, ISI_PRIV_LOGIN_CONSOLE, or ISI_PRIV_SYS_SUPPORT privileges may exploit this vulnerability to access sensitive information. If any third-party consumes those logs, the same sensitive information is available to those systems as well. Las versiones 8.2.x, 9.1.0.x y 9.1.1.1 de Dell EMC PowerScale OneFS contienen una vulnerabilidad de exposición de información sensible en los archivos de registro. Un usuario local malintencionado con privilegios ISI_PRIV_LOGIN_SSH, ISI_PRIV_LOGIN_CONSOLE o ISI_PRIV_SYS_SUPPORT puede aprovechar esta vulnerabilidad para acceder a información sensible. • https://www.dell.com/support/kbdoc/000190408 • CWE-532: Insertion of Sensitive Information into Log File •

CVSS: 6.7EPSS: 0%CPEs: 2EXPL: 0

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.1.x contain an OS command injection vulnerability. This may allow a user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE to escalate privileges and escape the compliance guarantees. This only impacts Smartlock WORM compliance mode clusters as a critical vulnerability and Dell recommends to update/upgrade at the earliest opportunity. Dell EMC PowerScale OneFS versiones 8.2.x - 9.2.1.x, contienen una vulnerabilidad de inyección de comandos del Sistema Operativo. Esto puede permitir a un usuario con los privilegios ISI_PRIV_LOGIN_SSH o ISI_PRIV_LOGIN_CONSOLE escalar privilegios y escapar de las garantías de cumplimiento. • https://www.dell.com/support/kbdoc/000190408 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 6.7EPSS: 0%CPEs: 2EXPL: 0

Dell EMC PowerScale OneFS versions 8.2.x - 9.1.1.x contain an improper neutralization of special elements used in an OS command. This vulnerability could allow the compadmin user to elevate privileges. This only impacts Smartlock WORM compliance mode clusters as a critical vulnerability and Dell recommends to update/upgrade at the earliest opportunity. Dell EMC PowerScale OneFS versiones 8.2.x - 9.1.1.x, contienen una neutralización inapropiada de los elementos especiales usados en un comando del Sistema Operativo. Esta vulnerabilidad podría permitir al usuario compadmin elevar sus privilegios. • https://www.dell.com/support/kbdoc/000190408 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •