CVSS: 6.7EPSS: 0%CPEs: 3EXPL: 0CVE-2023-32490
https://notcve.org/view.php?id=CVE-2023-32490
16 Aug 2023 — Dell PowerScale OneFS 8.2x -9.5x contains an improper privilege management vulnerability. A high privilege local attacker could potentially exploit this vulnerability, leading to system takeover. • https://www.dell.com/support/kbdoc/en-us/000216717/dsa-2023-269-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities • CWE-269: Improper Privilege Management •
CVSS: 6.7EPSS: 0%CPEs: 3EXPL: 0CVE-2023-32489
https://notcve.org/view.php?id=CVE-2023-32489
16 Aug 2023 — Dell PowerScale OneFS 8.2x -9.5x contains a privilege escalation vulnerability. A local attacker with high privileges could potentially exploit this vulnerability, to bypass mode protections and gain elevated privileges. • https://www.dell.com/support/kbdoc/en-us/000216717/dsa-2023-269-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities • CWE-280: Improper Handling of Insufficient Permissions or Privileges •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-32488
https://notcve.org/view.php?id=CVE-2023-32488
16 Aug 2023 — Dell PowerScale OneFS, 8.2.x-9.5.0.x, contains an information disclosure vulnerability in NFS. A low privileged attacker could potentially exploit this vulnerability, leading to information disclosure. Dell PowerScale OneFS, 8.2.x-9.5.0.x, contiene una vulnerabilidad de divulgación de información en NFS. Un atacante con pocos privilegios podría explotar esta vulnerabilidad, lo que conduciría a la divulgación de información. • https://www.dell.com/support/kbdoc/en-us/000216717/dsa-2023-269-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities • CWE-1230: Exposure of Sensitive Information Through Metadata •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-32487
https://notcve.org/view.php?id=CVE-2023-32487
16 Aug 2023 — Dell PowerScale OneFS, 8.2.x - 9.5.0.x, contains an elevation of privilege vulnerability. A low privileged local attacker could potentially exploit this vulnerability, leading to denial of service, code execution and information disclosure. Dell PowerScale OneFS, 8.2.x - 9.5.0.x,contiene una vulnerabilidad de elevación de privilegios. Un atacante local con pocos privilegios podría explotar esta vulnerabilidad, lo que provocaría denegación de servicio, ejecución de código y divulgación de información. • https://www.dell.com/support/kbdoc/en-us/000216717/dsa-2023-269-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-32495
https://notcve.org/view.php?id=CVE-2023-32495
16 Aug 2023 — Dell PowerScale OneFS, 8.2.x-9.5.x, contains a exposure of sensitive information to an unauthorized Actor vulnerability. An authorized local attacker could potentially exploit this vulnerability, leading to escalation of privileges. • https://www.dell.com/support/kbdoc/en-us/000216717/dsa-2023-269-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.7EPSS: 0%CPEs: 3EXPL: 0CVE-2023-32494
https://notcve.org/view.php?id=CVE-2023-32494
16 Aug 2023 — Dell PowerScale OneFS, 8.0.x-9.5.x, contains an improper handling of insufficient privileges vulnerability. A local privileged attacker could potentially exploit this vulnerability, leading to elevation of privilege and affect in compliance mode also. Dell PowerScale OneFS 8.0.x-9.5.x, contiene una vulnerabilidad de manejo inadecuado de privilegios insuficientes. Un atacante local con privilegios podría explotar esta vulnerabilidad, lo que provocaría una elevación de privilegios y afectaría también el modo ... • https://www.dell.com/support/kbdoc/en-us/000216717/dsa-2023-269-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities • CWE-274: Improper Handling of Insufficient Privileges •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25536
https://notcve.org/view.php?id=CVE-2023-25536
02 Mar 2023 — Dell PowerScale OneFS 9.4.0.x contains exposure of sensitive information to an unauthorized actor. A malicious authenticated local user could potentially exploit this vulnerability in certificate management, leading to a potential system takeover. • https://www.dell.com/support/kbdoc/en-us/000209895/dell-emc-powerscale-onefs-security-updates-for-multiple-security • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-34444
https://notcve.org/view.php?id=CVE-2022-34444
10 Feb 2023 — Dell PowerScale OneFS, versions 9.2.0.x through 9.4.0.x contain an information vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to cause data leak. • https://www.dell.com/support/kbdoc/en-us/000205618/dsa-2022-271 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 9.6EPSS: 0%CPEs: 1EXPL: 0CVE-2022-31229
https://notcve.org/view.php?id=CVE-2022-31229
28 Jun 2022 — Dell PowerScale OneFS, 8.2.x through 9.3.0.x, contain an error message with sensitive information. An administrator could potentially exploit this vulnerability, leading to disclosure of sensitive information. This sensitive information can be used to access sensitive resources. Dell PowerScale OneFS, versiones 8.2.x hasta 9.3.0.x, contienen un mensaje de error con información confidencial. Un administrador podría explotar esta vulnerabilidad, conllevando a una divulgación de información confidencial. • https://www.dell.com/support/kbdoc/en-us/000200681/dsa-2022-118-dell-emc-powerscale-onefs-security-update?lang=en • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-36350
https://notcve.org/view.php?id=CVE-2021-36350
21 Dec 2021 — Dell PowerScale OneFS, versions 8.2.2-9.3.0.x, contain an authentication bypass by primary weakness in one of the authentication factors. A remote unauthenticated attacker may potentially exploit this vulnerability and bypass one of the factors of authentication. Dell PowerScale OneFS, versiones 8.2.2-9.3.0.x, contienen una omisión de autenticación por debilidad primaria en uno de los factores de autenticación. Un atacante remoto no autenticado puede explotar potencialmente esta vulnerabilidad y omitir uno ... • https://www.dell.com/support/kbdoc/000194157 • CWE-287: Improper Authentication •