CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-25942
https://notcve.org/view.php?id=CVE-2023-25942
Dell PowerScale OneFS versions 8.2.x-9.4.x contain an uncontrolled resource consumption vulnerability. A malicious network user with low privileges could potentially exploit this vulnerability in SMB, leading to a potential denial of service. • https://www.dell.com/support/kbdoc/en-us/000211539/dell-emc-powerscale-onefs-security • CWE-664: Improper Control of a Resource Through its Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-25941
https://notcve.org/view.php?id=CVE-2023-25941
Dell PowerScale OneFS versions 8.2.x-9.5.0.x contain an elevation of privilege vulnerability. A low-privileged local attacker could potentially exploit this vulnerability, leading to Denial of service, escalation of privileges, and information disclosure. This vulnerability breaks the compliance mode guarantee. • https://www.dell.com/support/kbdoc/en-us/000211539/dell-emc-powerscale-onefs-security • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25940
https://notcve.org/view.php?id=CVE-2023-25940
Dell PowerScale OneFS version 9.5.0.0 contains improper link resolution before file access vulnerability in isi_gather_info. A high privileged local attacker could potentially exploit this vulnerability, leading to system takeover and it breaks the compliance mode guarantees. • https://www.dell.com/support/kbdoc/en-us/000211539/dell-emc-powerscale-onefs-security • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.4EPSS: 0%CPEs: 3EXPL: 0CVE-2021-21548
https://notcve.org/view.php?id=CVE-2021-21548
Dell EMC Unisphere for PowerMax versions before 9.1.0.27, Dell EMC Unisphere for PowerMax Virtual Appliance versions before 9.1.0.27, and PowerMax OS Release 5978 contain an improper certificate validation vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and intercepting the victim's traffic to view or modify a victim’s data in transit. • https://www.dell.com/support/kbdoc/en-uk/000189606/dsa-2021-134-dell-emc-unisphere-for-powermax-dell-emc-unisphere-for-powermax-virtual-appliance-dell-emc-solutions-enabler-virtual-appliance-and-dell-emc-powermax-embedded-management-security-update-for-multiple-third-party-component-vulnerabilities • CWE-295: Improper Certificate Validation •
CVSS: 7.5EPSS: 0%CPEs: 160EXPL: 0CVE-2022-34423
https://notcve.org/view.php?id=CVE-2022-34423
Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service. • https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •