Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Emc_powerscale_onefs
(Dell)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 82 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-02-01 | CVE-2023-22572 | Dell PowerScale OneFS 9.1.0.x-9.4.0.x contain an insertion of sensitive information into log file vulnerability in change password api. A low privilege local attacker could potentially exploit this vulnerability, leading to system takeover. | Emc_powerscale_onefs | 7.8 | ||
| 2023-02-01 | CVE-2023-22573 | Dell PowerScale OneFS 9.0.0.x-9.4.0.x contain an insertion of sensitive information into log file vulnerability in cloudpool. A low privileged local attacker could potentially exploit this vulnerability, leading to sensitive information disclosure. | Emc_powerscale_onefs | 5.5 | ||
| 2023-02-01 | CVE-2023-22574 | Dell PowerScale OneFS 9.0.0.x - 9.4.0.x contain an insertion of sensitive information into log file vulnerability in platform API of IPMI module. A low-privileged user with permission to read logs on the cluster could potentially exploit this vulnerability, leading to Information disclosure and denial of service. | Emc_powerscale_onefs | 8.1 | ||
| 2023-02-01 | CVE-2023-22575 | Dell PowerScale OneFS 9.0.0.x - 9.4.0.x contain an insertion of sensitive information into log file vulnerability in celog. A low privileges user could potentially exploit this vulnerability, leading to information disclosure and escalation of privileges. | Emc_powerscale_onefs | 8.8 | ||
| 2023-02-10 | CVE-2022-34454 | Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a heap-based buffer overflow. A local privileged malicious user could potentially exploit this vulnerability, leading to system takeover. This impacts compliance mode clusters. | Emc_powerscale_onefs | 6.7 | ||
| 2023-02-10 | CVE-2022-33934 | Dell PowerScale OneFS, versions 8.2.x through 9.4.x contain multiple stored cross-site scripting vulnerabilities. A remote authenticated malicious user with high privileges may potentially exploit these vulnerabilities to store malicious HTML or JavaScript code through multiple affected fields. | Emc_powerscale_onefs | 4.8 | ||
| 2023-02-28 | CVE-2023-25540 | Dell PowerScale OneFS 9.4.0.x contains an incorrect default permissions vulnerability. A local malicious user could potentially exploit this vulnerability to overwrite arbitrary files causing denial of service. | Emc_powerscale_onefs | 7.1 | ||
| 2023-04-04 | CVE-2023-25940 | Dell PowerScale OneFS version 9.5.0.0 contains improper link resolution before file access vulnerability in isi_gather_info. A high privileged local attacker could potentially exploit this vulnerability, leading to system takeover and it breaks the compliance mode guarantees. | Emc_powerscale_onefs | 7.8 | ||
| 2023-04-04 | CVE-2023-25941 | Dell PowerScale OneFS versions 8.2.x-9.5.0.x contain an elevation of privilege vulnerability. A low-privileged local attacker could potentially exploit this vulnerability, leading to Denial of service, escalation of privileges, and information disclosure. This vulnerability breaks the compliance mode guarantee. | Emc_powerscale_onefs | 7.8 | ||
| 2023-04-04 | CVE-2023-25942 | Dell PowerScale OneFS versions 8.2.x-9.4.x contain an uncontrolled resource consumption vulnerability. A malicious network user with low privileges could potentially exploit this vulnerability in SMB, leading to a potential denial of service. | Emc_powerscale_onefs | 6.5 |