CVE-2023-32494
https://notcve.org/view.php?id=CVE-2023-32494
Dell PowerScale OneFS, 8.0.x-9.5.x, contains an improper handling of insufficient privileges vulnerability. A local privileged attacker could potentially exploit this vulnerability, leading to elevation of privilege and affect in compliance mode also. Dell PowerScale OneFS 8.0.x-9.5.x, contiene una vulnerabilidad de manejo inadecuado de privilegios insuficientes. Un atacante local con privilegios podría explotar esta vulnerabilidad, lo que provocaría una elevación de privilegios y afectaría también el modo de cumplimiento. • https://www.dell.com/support/kbdoc/en-us/000216717/dsa-2023-269-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities • CWE-274: Improper Handling of Insufficient Privileges •
CVE-2022-34445
https://notcve.org/view.php?id=CVE-2022-34445
Dell PowerScale OneFS, versions 8.2.x through 9.3.x contain a weak encoding for a password. A malicious local privileged attacker may potentially exploit this vulnerability, leading to information disclosure. • https://www.dell.com/support/kbdoc/en-us/000205618/dsa-2022-271 • CWE-261: Weak Encoding for Password CWE-522: Insufficiently Protected Credentials •
CVE-2022-34444
https://notcve.org/view.php?id=CVE-2022-34444
Dell PowerScale OneFS, versions 9.2.0.x through 9.4.0.x contain an information vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to cause data leak. • https://www.dell.com/support/kbdoc/en-us/000205618/dsa-2022-271 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVE-2022-31230
https://notcve.org/view.php?id=CVE-2022-31230
Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain broken or risky cryptographic algorithm. A remote unprivileged malicious attacker could potentially exploit this vulnerability, leading to full system access. Dell PowerScale OneFS, versiones 8.2.x-9.2.x, contienen un algoritmo criptográfico roto o arriesgado. Un atacante remoto malicioso no privilegiado podría explotar esta vulnerabilidad, conllevando a un acceso total del sistema • https://www.dell.com/support/kbdoc/en-us/000200681/dsa-2022-118-dell-emc-powerscale-onefs-security-update • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVE-2022-31229
https://notcve.org/view.php?id=CVE-2022-31229
Dell PowerScale OneFS, 8.2.x through 9.3.0.x, contain an error message with sensitive information. An administrator could potentially exploit this vulnerability, leading to disclosure of sensitive information. This sensitive information can be used to access sensitive resources. Dell PowerScale OneFS, versiones 8.2.x hasta 9.3.0.x, contienen un mensaje de error con información confidencial. Un administrador podría explotar esta vulnerabilidad, conllevando a una divulgación de información confidencial. • https://www.dell.com/support/kbdoc/en-us/000200681/dsa-2022-118-dell-emc-powerscale-onefs-security-update?lang=en • CWE-209: Generation of Error Message Containing Sensitive Information •