CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-43076
https://notcve.org/view.php?id=CVE-2023-43076
02 Nov 2023 — Dell PowerScale OneFS 8.2.x,9.0.0.x-9.5.0.x contains a denial-of-service vulnerability. A low privilege remote attacker could potentially exploit this vulnerability to cause an out of memory (OOM) condition. Dell PowerScale OneFS 8.2.x,9.0.0.x-9.5.0.x contiene una vulnerabilidad de denegación de servicio. Un atacante remoto con privilegios bajos podría explotar esta vulnerabilidad para provocar una condición de Out Of Memory (OOM). • https://www.dell.com/support/kbdoc/en-us/000218934/powerscale-onefs-security-updates-for-multiple-security-vulnerabilities • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-43087
https://notcve.org/view.php?id=CVE-2023-43087
02 Nov 2023 — Dell PowerScale OneFS 8.2.x, 9.0.0.x-9.5.0.x contains an improper handling of insufficient permissions. A low privileged remote attacker could potentially exploit this vulnerability to cause information disclosure. Dell PowerScale OneFS 8.2.x, 9.0.0.x-9.5.0.x contiene un manejo inadecuado de permisos insuficientes. Un atacante remoto con pocos privilegios podría explotar esta vulnerabilidad para provocar la divulgación de información. • https://www.dell.com/support/kbdoc/en-us/000218934/powerscale-onefs-security-updates-for-multiple-security-vulnerabilities • CWE-280: Improper Handling of Insufficient Permissions or Privileges CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 6.0EPSS: 0%CPEs: 9EXPL: 0CVE-2022-34445
https://notcve.org/view.php?id=CVE-2022-34445
10 Feb 2023 — Dell PowerScale OneFS, versions 8.2.x through 9.3.x contain a weak encoding for a password. A malicious local privileged attacker may potentially exploit this vulnerability, leading to information disclosure. • https://www.dell.com/support/kbdoc/en-us/000205618/dsa-2022-271 • CWE-261: Weak Encoding for Password CWE-522: Insufficiently Protected Credentials •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-34444
https://notcve.org/view.php?id=CVE-2022-34444
10 Feb 2023 — Dell PowerScale OneFS, versions 9.2.0.x through 9.4.0.x contain an information vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to cause data leak. • https://www.dell.com/support/kbdoc/en-us/000205618/dsa-2022-271 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-31230
https://notcve.org/view.php?id=CVE-2022-31230
28 Jun 2022 — Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain broken or risky cryptographic algorithm. A remote unprivileged malicious attacker could potentially exploit this vulnerability, leading to full system access. Dell PowerScale OneFS, versiones 8.2.x-9.2.x, contienen un algoritmo criptográfico roto o arriesgado. Un atacante remoto malicioso no privilegiado podría explotar esta vulnerabilidad, conllevando a un acceso total del sistema • https://www.dell.com/support/kbdoc/en-us/000200681/dsa-2022-118-dell-emc-powerscale-onefs-security-update • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 9.6EPSS: 0%CPEs: 1EXPL: 0CVE-2022-31229
https://notcve.org/view.php?id=CVE-2022-31229
28 Jun 2022 — Dell PowerScale OneFS, 8.2.x through 9.3.0.x, contain an error message with sensitive information. An administrator could potentially exploit this vulnerability, leading to disclosure of sensitive information. This sensitive information can be used to access sensitive resources. Dell PowerScale OneFS, versiones 8.2.x hasta 9.3.0.x, contienen un mensaje de error con información confidencial. Un administrador podría explotar esta vulnerabilidad, conllevando a una divulgación de información confidencial. • https://www.dell.com/support/kbdoc/en-us/000200681/dsa-2022-118-dell-emc-powerscale-onefs-security-update?lang=en • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 8.1EPSS: 0%CPEs: 6EXPL: 0CVE-2022-29098
https://notcve.org/view.php?id=CVE-2022-29098
01 Jun 2022 — Dell PowerScale OneFS versions 8.2.0.x through 9.3.0.x, contain a weak password requirement vulnerability. An administrator may create an account with no password. A remote attacker may potentially exploit this leading to a user account compromise. Dell PowerScale OneFS versiones 8.2.0.x a 9.3.0.x, contienen una vulnerabilidad de requisito de contraseña débil. Un administrador puede crear una cuenta sin contraseña. • https://www.dell.com/support/kbdoc/en-us/000200128/dsa-2022-082-dell-emc-powerscale-onefs-security-update?lang=en • CWE-521: Weak Password Requirements •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-36350
https://notcve.org/view.php?id=CVE-2021-36350
21 Dec 2021 — Dell PowerScale OneFS, versions 8.2.2-9.3.0.x, contain an authentication bypass by primary weakness in one of the authentication factors. A remote unauthenticated attacker may potentially exploit this vulnerability and bypass one of the factors of authentication. Dell PowerScale OneFS, versiones 8.2.2-9.3.0.x, contienen una omisión de autenticación por debilidad primaria en uno de los factores de autenticación. Un atacante remoto no autenticado puede explotar potencialmente esta vulnerabilidad y omitir uno ... • https://www.dell.com/support/kbdoc/000194157 • CWE-287: Improper Authentication •
CVSS: 8.1EPSS: 0%CPEs: 4EXPL: 0CVE-2021-36278
https://notcve.org/view.php?id=CVE-2021-36278
16 Aug 2021 — Dell EMC PowerScale OneFS versions 8.2.x, 9.1.0.x, and 9.1.1.1 contain a sensitive information exposure vulnerability in log files. A local malicious user with ISI_PRIV_LOGIN_SSH, ISI_PRIV_LOGIN_CONSOLE, or ISI_PRIV_SYS_SUPPORT privileges may exploit this vulnerability to access sensitive information. If any third-party consumes those logs, the same sensitive information is available to those systems as well. Las versiones 8.2.x, 9.1.0.x y 9.1.1.1 de Dell EMC PowerScale OneFS contienen una vulnerabilidad de... • https://www.dell.com/support/kbdoc/000190408 • CWE-532: Insertion of Sensitive Information into Log File •