Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Emc_powerscale_onefs
(Dell)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 82 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-02-01 | CVE-2022-45100 | Dell PowerScale OneFS, versions 8.2.x-9.3.x, contains an Improper Certificate Validation vulnerability. An remote unauthenticated attacker could potentially exploit this vulnerability, leading to a full compromise of the system. | Emc_powerscale_onefs | 9.8 | ||
| 2023-02-01 | CVE-2022-46679 | Dell PowerScale OneFS 8.2.x, 9.0.0.x - 9.4.0.x, contain an insufficient resource pool vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service. | Emc_powerscale_onefs | 7.5 | ||
| 2023-02-01 | CVE-2023-22572 | Dell PowerScale OneFS 9.1.0.x-9.4.0.x contain an insertion of sensitive information into log file vulnerability in change password api. A low privilege local attacker could potentially exploit this vulnerability, leading to system takeover. | Emc_powerscale_onefs | 7.8 | ||
| 2023-02-01 | CVE-2023-22573 | Dell PowerScale OneFS 9.0.0.x-9.4.0.x contain an insertion of sensitive information into log file vulnerability in cloudpool. A low privileged local attacker could potentially exploit this vulnerability, leading to sensitive information disclosure. | Emc_powerscale_onefs | 5.5 | ||
| 2023-02-01 | CVE-2023-22574 | Dell PowerScale OneFS 9.0.0.x - 9.4.0.x contain an insertion of sensitive information into log file vulnerability in platform API of IPMI module. A low-privileged user with permission to read logs on the cluster could potentially exploit this vulnerability, leading to Information disclosure and denial of service. | Emc_powerscale_onefs | 8.1 | ||
| 2023-02-01 | CVE-2023-22575 | Dell PowerScale OneFS 9.0.0.x - 9.4.0.x contain an insertion of sensitive information into log file vulnerability in celog. A low privileges user could potentially exploit this vulnerability, leading to information disclosure and escalation of privileges. | Emc_powerscale_onefs | 8.8 | ||
| 2023-02-10 | CVE-2022-34454 | Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a heap-based buffer overflow. A local privileged malicious user could potentially exploit this vulnerability, leading to system takeover. This impacts compliance mode clusters. | Emc_powerscale_onefs | 6.7 | ||
| 2023-02-10 | CVE-2022-33934 | Dell PowerScale OneFS, versions 8.2.x through 9.4.x contain multiple stored cross-site scripting vulnerabilities. A remote authenticated malicious user with high privileges may potentially exploit these vulnerabilities to store malicious HTML or JavaScript code through multiple affected fields. | Emc_powerscale_onefs | 4.8 | ||
| 2023-02-28 | CVE-2023-25540 | Dell PowerScale OneFS 9.4.0.x contains an incorrect default permissions vulnerability. A local malicious user could potentially exploit this vulnerability to overwrite arbitrary files causing denial of service. | Emc_powerscale_onefs | 7.1 | ||
| 2023-04-04 | CVE-2023-25940 | Dell PowerScale OneFS version 9.5.0.0 contains improper link resolution before file access vulnerability in isi_gather_info. A high privileged local attacker could potentially exploit this vulnerability, leading to system takeover and it breaks the compliance mode guarantees. | Emc_powerscale_onefs | 7.8 |