CVSS: 6.7EPSS: 0%CPEs: 3EXPL: 0CVE-2023-32490
https://notcve.org/view.php?id=CVE-2023-32490
16 Aug 2023 — Dell PowerScale OneFS 8.2x -9.5x contains an improper privilege management vulnerability. A high privilege local attacker could potentially exploit this vulnerability, leading to system takeover. • https://www.dell.com/support/kbdoc/en-us/000216717/dsa-2023-269-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities • CWE-269: Improper Privilege Management •
CVSS: 6.7EPSS: 0%CPEs: 3EXPL: 0CVE-2023-32489
https://notcve.org/view.php?id=CVE-2023-32489
16 Aug 2023 — Dell PowerScale OneFS 8.2x -9.5x contains a privilege escalation vulnerability. A local attacker with high privileges could potentially exploit this vulnerability, to bypass mode protections and gain elevated privileges. • https://www.dell.com/support/kbdoc/en-us/000216717/dsa-2023-269-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities • CWE-280: Improper Handling of Insufficient Permissions or Privileges •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-32488
https://notcve.org/view.php?id=CVE-2023-32488
16 Aug 2023 — Dell PowerScale OneFS, 8.2.x-9.5.0.x, contains an information disclosure vulnerability in NFS. A low privileged attacker could potentially exploit this vulnerability, leading to information disclosure. Dell PowerScale OneFS, 8.2.x-9.5.0.x, contiene una vulnerabilidad de divulgación de información en NFS. Un atacante con pocos privilegios podría explotar esta vulnerabilidad, lo que conduciría a la divulgación de información. • https://www.dell.com/support/kbdoc/en-us/000216717/dsa-2023-269-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities • CWE-1230: Exposure of Sensitive Information Through Metadata •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-32487
https://notcve.org/view.php?id=CVE-2023-32487
16 Aug 2023 — Dell PowerScale OneFS, 8.2.x - 9.5.0.x, contains an elevation of privilege vulnerability. A low privileged local attacker could potentially exploit this vulnerability, leading to denial of service, code execution and information disclosure. Dell PowerScale OneFS, 8.2.x - 9.5.0.x,contiene una vulnerabilidad de elevación de privilegios. Un atacante local con pocos privilegios podría explotar esta vulnerabilidad, lo que provocaría denegación de servicio, ejecución de código y divulgación de información. • https://www.dell.com/support/kbdoc/en-us/000216717/dsa-2023-269-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-32495
https://notcve.org/view.php?id=CVE-2023-32495
16 Aug 2023 — Dell PowerScale OneFS, 8.2.x-9.5.x, contains a exposure of sensitive information to an unauthorized Actor vulnerability. An authorized local attacker could potentially exploit this vulnerability, leading to escalation of privileges. • https://www.dell.com/support/kbdoc/en-us/000216717/dsa-2023-269-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.7EPSS: 0%CPEs: 3EXPL: 0CVE-2023-32494
https://notcve.org/view.php?id=CVE-2023-32494
16 Aug 2023 — Dell PowerScale OneFS, 8.0.x-9.5.x, contains an improper handling of insufficient privileges vulnerability. A local privileged attacker could potentially exploit this vulnerability, leading to elevation of privilege and affect in compliance mode also. Dell PowerScale OneFS 8.0.x-9.5.x, contiene una vulnerabilidad de manejo inadecuado de privilegios insuficientes. Un atacante local con privilegios podría explotar esta vulnerabilidad, lo que provocaría una elevación de privilegios y afectaría también el modo ... • https://www.dell.com/support/kbdoc/en-us/000216717/dsa-2023-269-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities • CWE-274: Improper Handling of Insufficient Privileges •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25536
https://notcve.org/view.php?id=CVE-2023-25536
02 Mar 2023 — Dell PowerScale OneFS 9.4.0.x contains exposure of sensitive information to an unauthorized actor. A malicious authenticated local user could potentially exploit this vulnerability in certificate management, leading to a potential system takeover. • https://www.dell.com/support/kbdoc/en-us/000209895/dell-emc-powerscale-onefs-security-updates-for-multiple-security • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 6.0EPSS: 0%CPEs: 9EXPL: 0CVE-2022-34445
https://notcve.org/view.php?id=CVE-2022-34445
10 Feb 2023 — Dell PowerScale OneFS, versions 8.2.x through 9.3.x contain a weak encoding for a password. A malicious local privileged attacker may potentially exploit this vulnerability, leading to information disclosure. • https://www.dell.com/support/kbdoc/en-us/000205618/dsa-2022-271 • CWE-261: Weak Encoding for Password CWE-522: Insufficiently Protected Credentials •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-34444
https://notcve.org/view.php?id=CVE-2022-34444
10 Feb 2023 — Dell PowerScale OneFS, versions 9.2.0.x through 9.4.0.x contain an information vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to cause data leak. • https://www.dell.com/support/kbdoc/en-us/000205618/dsa-2022-271 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-31230
https://notcve.org/view.php?id=CVE-2022-31230
28 Jun 2022 — Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain broken or risky cryptographic algorithm. A remote unprivileged malicious attacker could potentially exploit this vulnerability, leading to full system access. Dell PowerScale OneFS, versiones 8.2.x-9.2.x, contienen un algoritmo criptográfico roto o arriesgado. Un atacante remoto malicioso no privilegiado podría explotar esta vulnerabilidad, conllevando a un acceso total del sistema • https://www.dell.com/support/kbdoc/en-us/000200681/dsa-2022-118-dell-emc-powerscale-onefs-security-update • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •