Page 3 of 43 results (0.015 seconds)

CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0

Dell EMC PowerScale OneFS 8.1.x - 9.1.x contain hard coded credentials. This allows a local user with knowledge of the credentials to login as the admin user to the backend ethernet switch of a PowerScale cluster. The attacker can exploit this vulnerability to take the switch offline. Dell EMC PowerScale OneFS 8.1.x - 9.1.x contienen credenciales embebidas. Esto permite a un usuario local con conocimiento de las credenciales iniciar sesión como usuario administrador en el conmutador ethernet backend de un clúster PowerScale. • https://www.dell.com/support/kbdoc/000195815 • CWE-798: Use of Hard-coded Credentials •

CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0

Dell PowerScale OneFS, versions 8.2.2 and above, contain a password disclosure vulnerability. An unprivileged local attacker could potentially exploit this vulnerability, leading to account take over. Dell PowerScale OneFS, versiones 8.2.2 y superiores, contienen una vulnerabilidad de divulgación de contraseñas. Un atacante local no privilegiado podría explotar esta vulnerabilidad, conllevando a una toma de la cuenta • https://www.dell.com/support/kbdoc/000195815 • CWE-522: Insufficiently Protected Credentials CWE-549: Missing Password Field Masking •

CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0

Dell PowerScale OneFS, 8.2.x-9.3.x, contains a Improper Certificate Validation. A unauthenticated remote attacker could potentially exploit this vulnerability, leading to a man-in-the-middle capture of administrative credentials. Dell PowerScale OneFS, versiones 8.2.x-9.3.x, contiene una comprobación inapropiada de certificados. Un atacante remoto no autenticado podría explotar esta vulnerabilidad, conllevando a una captura de credenciales administrativas por parte de un ataque de tipo man-in-the-middle • https://www.dell.com/support/kbdoc/en-us/000195815/dsa-2022-002-dell-emc-powerscale-onefs-security-update-for-multiple-vulnerabilities • CWE-295: Improper Certificate Validation •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contains an incorrect default permissions vulnerability. A local malicious user could potentially exploit this vulnerability, leading to a denial of service. Dell PowerScale OneFS, versiones 8.2.x-9.3.0.x, contiene una vulnerabilidad de permisos por defecto incorrectos. Un usuario local malicioso podría explotar esta vulnerabilidad, conllevando a una denegación de servicio • https://www.dell.com/support/kbdoc/en-us/000197991/dell-emc-powerscale-onefs-security-update-for-multiple-component-vulnerabilities • CWE-276: Incorrect Default Permissions •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain risky cryptographic algorithms. A remote unprivileged malicious attacker could potentially exploit this vulnerability, leading to full system access Dell PowerScale OneFS, versiones 8.2.x-9.2.x, contiene algoritmos criptográficos arriesgados. Un atacante remoto no privilegiado podría explotar esta vulnerabilidad, conllevando a un acceso total al sistema • https://www.dell.com/support/kbdoc/en-us/000197991/dell-emc-powerscale-onefs-security-update-for-multiple-component-vulnerabilities • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •