CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-26194
https://notcve.org/view.php?id=CVE-2020-26194
09 Feb 2021 — Dell EMC PowerScale OneFS versions 8.1.2 and 8.2.2 contain an Incorrect Permission Assignment for a Critical Resource vulnerability. This may allow a non-admin user with either ISI_PRIV_LOGIN_CONSOLE or ISI_PRIV_LOGIN_SSH privileges to exploit the vulnerability, leading to compromised cryptographic operations. Note: no non-admin users or roles have these privileges by default. Dell EMC PowerScale OneFS versiones 8.1.2 y 8.2.2, contienen una asignación de Permisos Incorrecto para una vulnerabilidad de Recurs... • https://www.dell.com/support/kbdoc/en-us/000182873/dsa-2021-009-dell-powerscale-onefs-security-update-for-multiple-vulnerabilities • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2020-26193
https://notcve.org/view.php?id=CVE-2020-26193
09 Feb 2021 — Dell EMC PowerScale OneFS versions 8.1.0 - 9.1.0 contain an improper input validation vulnerability. A user with the ISI_PRIV_CLUSTER privilege may exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. Dell EMC PowerScale OneFS versiones 8.1.0 - 9.1.0, contienen una vulnerabilidad de comprobación inapropiada de la entrada. Un usuario con el privilegio ISI_PRIV_CLUSTER puede explotar esta vulne... • https://www.dell.com/support/kbdoc/en-us/000182873/dsa-2021-009-dell-powerscale-onefs-security-update-for-multiple-vulnerabilities • CWE-20: Improper Input Validation CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-26192
https://notcve.org/view.php?id=CVE-2020-26192
09 Feb 2021 — Dell EMC PowerScale OneFS versions 8.2.0 - 9.1.0 contain a privilege escalation vulnerability. A non-admin user with either ISI_PRIV_LOGIN_CONSOLE or ISI_PRIV_LOGIN_SSH may potentially exploit this vulnerability to read arbitrary data, tamper with system software or deny service to users. Note: no non-admin users or roles have these privileges by default. Dell EMC PowerScale OneFS versiones 8.2.0 - 9.1.0, contienen una vulnerabilidad de escalada de privilegios. Un usuario que no sea administrador con I... • https://www.dell.com/support/kbdoc/en-us/000182873/dsa-2021-009-dell-powerscale-onefs-security-update-for-multiple-vulnerabilities • CWE-306: Missing Authentication for Critical Function •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2020-26191
https://notcve.org/view.php?id=CVE-2020-26191
09 Feb 2021 — Dell EMC PowerScale OneFS versions 8.1.0 - 9.1.0 contain a privilege escalation vulnerability. A user with ISI_PRIV_JOB_ENGINE may use the PermissionRepair job to grant themselves the highest level of RBAC privileges thus being able to read arbitrary data, tamper with system software or deny service to users. Dell EMC PowerScale OneFS versiones 8.1.0 - 9.1.0, contienen una vulnerabilidad de escalada de privilegios. Un usuario con ISI_PRIV_JOB_ENGINE puede usar el trabajo PermissionRepair para otorgarse... • https://www.dell.com/support/kbdoc/en-us/000182873/dsa-2021-009-dell-powerscale-onefs-security-update-for-multiple-vulnerabilities • CWE-269: Improper Privilege Management •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-5369
https://notcve.org/view.php?id=CVE-2020-5369
02 Sep 2020 — Dell EMC Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 contain a privilege escalation vulnerability. An authenticated malicious user may exploit this vulnerability by using SyncIQ to gain unauthorized access to system management files. Dell EMC Isilon OneFS versiones 8.2.2 y anteriores y Dell EMC PowerScale OneFS versión 9.0.0 contienen una vulnerabilidad de escalada de privilegios. Un usuario malicioso autenticado puede aprovechar esta vulnerabilidad usando SyncIQ para... • https://www.dell.com/support/security/en-us/details/546160/DSA-2020-142-Dell-EMC-Isilon-OneFS-and-Dell-EMC-PowerScale-OneFS-Security-Update-for-SyncIQ-Privi • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2020-5383
https://notcve.org/view.php?id=CVE-2020-5383
27 Aug 2020 — Dell EMC Isilon OneFS version 8.2.2 and Dell EMC PowerScale OneFS version 9.0.0 contains a buffer overflow vulnerability in the Likewise component. A remote unauthenticated malicious attacker may potentially exploit this vulnerability to cause a process restart. Dell EMC Isilon OneFS versión 8.2.2 y Dell EMC PowerScale OneFS versión 9.0.0, contienen una vulnerabilidad de desbordamiento del búfer en el componente Likewise. Un atacante malicioso remoto no autenticado podría explotar esta vulnerabilidad para c... • https://www.dell.com/support/security/en-us/details/546005/DSA-2020-189-Dell-EMC-Isilon-OneFS-and-Dell-EMC-PowerScale-Security-Update-for-Buffer-Overflow-Vu • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2015-6312
https://notcve.org/view.php?id=CVE-2015-6312
06 Apr 2016 — Cisco TelePresence Server 3.1 on 7010, Mobility Services Engine (MSE) 8710, Multiparty Media 310 and 320, and Virtual Machine (VM) devices allows remote attackers to cause a denial of service (device reload) via malformed STUN packets, aka Bug ID CSCuv01348. Cisco TelePresence Server 3.1 sobre dispositivos 7010, Mobility Services Engine (MSE) 8710, Multiparty Media 310 y 320 y Virtual Machine (VM) permite a atacantes remotos causar una denegación de servicio (recarga de dispositivo) a través de paquetes STU... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-cts2 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2016-1346
https://notcve.org/view.php?id=CVE-2016-1346
06 Apr 2016 — The kernel in Cisco TelePresence Server 3.0 through 4.2(4.18) on Mobility Services Engine (MSE) 8710 devices allows remote attackers to cause a denial of service (panic and reboot) via a crafted sequence of IPv6 packets, aka Bug ID CSCuu46673. El kernel en Cisco TelePresence Server 3.0 hasta la versión 4.2(4.18) en dispositivos Mobility Services Engine (MSE) 8710 permite a atacantes remotos causar una denegación de servicio (pánico y reinicio) a través de una secuencia de paquetes IPv6 manipulada, también c... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-cts • CWE-399: Resource Management Errors •