CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-29170
https://notcve.org/view.php?id=CVE-2024-29170
04 Jun 2024 — Dell PowerScale OneFS versions 8.2.x through 9.8.0.x contain a use of hard coded credentials vulnerability. An adjacent network unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure of network traffic and denial of service. Dell PowerScale OneFS versiones 8.2.x a 9.8.0.x contienen una vulnerabilidad de uso de credenciales codificadas. Un atacante no autenticado de una red adyacente podría explotar esta vulnerabilidad, lo que provocaría la divulgación de inf... • https://www.dell.com/support/kbdoc/en-us/000225667/dsa-2024-210-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities • CWE-798: Use of Hard-coded Credentials •
CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 0CVE-2024-25969
https://notcve.org/view.php?id=CVE-2024-25969
14 May 2024 — Dell PowerScale OneFS versions 8.2.x through 9.7.0.1 contains an allocation of resources without limits or throttling vulnerability. A local unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service. Dell PowerScale OneFS versiones 8.2.x a 9.7.0.1 contiene una asignación de recursos sin límites ni vulnerabilidad de limitación. Un atacante local no autenticado podría explotar esta vulnerabilidad y provocar una denegación de servicio. • https://www.dell.com/support/kbdoc/en-us/000224860/dsa-2024-163-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0CVE-2024-25965
https://notcve.org/view.php?id=CVE-2024-25965
14 May 2024 — Dell PowerScale OneFS versions 8.2.x through 9.7.0.2 contains an external control of file name or path vulnerability. A local high privilege attacker could potentially exploit this vulnerability, leading to denial of service. Dell PowerScale OneFS versiones 8.2.x a 9.7.0.2 contiene un control externo de la vulnerabilidad de la ruta o el nombre del archivo. Un atacante local con privilegios elevados podría explotar esta vulnerabilidad y provocar una denegación de servicio. • https://www.dell.com/support/kbdoc/en-us/000224860/dsa-2024-163-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities • CWE-73: External Control of File Name or Path •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2024-25966
https://notcve.org/view.php?id=CVE-2024-25966
14 May 2024 — Dell PowerScale OneFS versions 8.2.x through 9.7.0.2 contains an improper handling of unexpected data type vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service. Dell PowerScale OneFS versiones 8.2.x a 9.7.0.2 contiene un manejo inadecuado de la vulnerabilidad de tipo de datos inesperado. Un atacante remoto no autenticado podría explotar esta vulnerabilidad y provocar una denegación de servicio. • https://www.dell.com/support/kbdoc/en-us/000224860/dsa-2024-163-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities • CWE-241: Improper Handling of Unexpected Data Type •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-25970
https://notcve.org/view.php?id=CVE-2024-25970
14 May 2024 — Dell PowerScale OneFS versions 8.2.x through 9.7.0.1 contains an improper input validation vulnerability. A low privileged remote attacker could potentially exploit this vulnerability, leading to loss of integrity. Dell PowerScale OneFS versiones 8.2.x a 9.7.0.1 contiene una vulnerabilidad de validación de entrada incorrecta. Un atacante remoto con pocos privilegios podría explotar esta vulnerabilidad, lo que provocaría una pérdida de integridad. • https://www.dell.com/support/kbdoc/en-us/000224860/dsa-2024-163-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-25967
https://notcve.org/view.php?id=CVE-2024-25967
14 May 2024 — Dell PowerScale OneFS versions 8.2.x through 9.7.0.1 contains an execution with unnecessary privileges vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to escalation of privileges. Dell PowerScale OneFS versiones 8.2.x a 9.7.0.1 contiene una vulnerabilidad de ejecución con privilegios innecesarios. Un atacante local con privilegios elevados podría explotar esta vulnerabilidad, lo que provocaría una escalada de privilegios. • https://www.dell.com/support/kbdoc/en-us/000224860/dsa-2024-163-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities • CWE-250: Execution with Unnecessary Privileges •
CVSS: 5.9EPSS: 0%CPEs: 5EXPL: 0CVE-2024-25968
https://notcve.org/view.php?id=CVE-2024-25968
14 May 2024 — Dell PowerScale OneFS versions 8.2.x through 9.7.0.2 contains a use of a broken or risky cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure. Dell PowerScale OneFS versiones 8.2.x a 9.7.0.2 contiene el uso de una vulnerabilidad de algoritmo criptográfico roto o riesgoso. Un atacante remoto no autenticado podría explotar esta vulnerabilidad y provocar la divulgación de información. • https://www.dell.com/support/kbdoc/en-us/000224860/dsa-2024-163-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2024-25954
https://notcve.org/view.php?id=CVE-2024-25954
28 Mar 2024 — Dell PowerScale OneFS, versions 9.5.0.x through 9.7.0.x, contain an insufficient session expiration vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service. Dell PowerScale OneFS, versiones 9.5.0.x a 9.7.0.x, contienen una vulnerabilidad de caducidad de sesión insuficiente. Un atacante remoto no autenticado podría explotar esta vulnerabilidad y provocar una denegación de servicio. • https://www.dell.com/support/kbdoc/en-us/000223366/dsa-2024-115-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities • CWE-613: Insufficient Session Expiration •
CVSS: 5.9EPSS: 0%CPEs: 4EXPL: 0CVE-2024-25963
https://notcve.org/view.php?id=CVE-2024-25963
28 Mar 2024 — Dell PowerScale OneFS, versions 8.2.2.x through 9.5.0.x contains a use of a broken cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure. Dell PowerScale OneFS, versiones 8.2.2.x a 9.5.0.x contiene el uso de una vulnerabilidad de algoritmo criptográfico roto. Un atacante remoto no autenticado podría explotar esta vulnerabilidad y provocar la divulgación de información. • https://www.dell.com/support/kbdoc/en-us/000223366/dsa-2024-115-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 6.0EPSS: 0%CPEs: 4EXPL: 0CVE-2024-25953
https://notcve.org/view.php?id=CVE-2024-25953
28 Mar 2024 — Dell PowerScale OneFS versions 9.4.0.x through 9.7.0.x contains an UNIX symbolic link (symlink) following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to denial of service, information tampering. Dell PowerScale OneFS versiones 9.4.0.x a 9.7.0.x contiene un enlace simbólico UNIX (enlace simbólico) después de la vulnerabilidad. Un atacante local con privilegios elevados podría explotar esta vulnerabilidad, lo que provocaría denegación de servicio y man... • https://www.dell.com/support/kbdoc/en-us/000223366/dsa-2024-115-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities • CWE-61: UNIX Symbolic Link (Symlink) Following •