Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Emc_powerscale_onefs
(Dell)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 82 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-09-02 | CVE-2022-34378 | Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.20, 9.2.1.13, 9.3.0.6, and 9.4.0.3, contain a relative path traversal vulnerability. A low privileged local attacker could potentially exploit this vulnerability, leading to denial of service. | Emc_powerscale_onefs | 5.5 | ||
| 2022-10-21 | CVE-2022-31239 | Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, and 9.3.0.6, contain sensitive data in log files vulnerability. A privileged local user may potentially exploit this vulnerability, leading to disclosure of this sensitive data. | Emc_powerscale_onefs | 4.4 | ||
| 2022-10-21 | CVE-2022-34437 | Dell PowerScale OneFS, versions 8.2.2-9.3.0, contain an OS command injection vulnerability. A privileged local malicious user could potentially exploit this vulnerability, leading to a full system compromise. This impacts compliance mode clusters. | Emc_powerscale_onefs | 6.7 | ||
| 2022-10-21 | CVE-2022-34439 | Dell PowerScale OneFS, versions 8.2.0.x-9.4.0.x contain allocation of Resources Without Limits or Throttling vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service and performance issue on that node. | Emc_powerscale_onefs | 7.5 | ||
| 2023-02-01 | CVE-2022-45095 | Dell PowerScale OneFS, 8.2.x-9.4.x, contain a command injection vulnerability. An authenticated user having access local shell and having the privilege to gather logs from the cluster could potentially exploit this vulnerability, leading to execute arbitrary commands, denial of service, information disclosure, and data deletion. | Emc_powerscale_onefs | 6.7 | ||
| 2023-02-01 | CVE-2022-45096 | Dell PowerScale OneFS, 8.2.0 through 9.3.0, contain an User Interface Security Issue. An unauthenticated remote user could unintentionally lead an administrator to enable this vulnerability, leading to disclosure of information. | Emc_powerscale_onefs | 6.5 | ||
| 2023-02-01 | CVE-2022-45097 | Dell PowerScale OneFS 9.0.0.x-9.4.0.x contains an Incorrect User Management vulnerability. A low privileged network attacker could potentially exploit this vulnerability, leading to escalation of privileges, and information disclosure. | Emc_powerscale_onefs | 8.8 | ||
| 2023-02-01 | CVE-2022-45101 | Dell PowerScale OneFS 9.0.0.x - 9.4.0.x, contains an Improper Handling of Insufficient Privileges vulnerability in NFS. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure and remote execution. | Emc_powerscale_onefs | 9.8 | ||
| 2023-02-01 | CVE-2022-45098 | Dell PowerScale OneFS, 9.0.0.x-9.4.0.x, contain a cleartext storage of sensitive information vulnerability in S3 component. An authenticated local attacker could potentially exploit this vulnerability, leading to information disclosure. | Emc_powerscale_onefs | 5.5 | ||
| 2023-02-01 | CVE-2022-45099 | Dell PowerScale OneFS, versions 8.2.x-9.4.x, contain a weak encoding for a NDMP password. A malicious and privileged local attacker could potentially exploit this vulnerability, leading to a full system compromise | Emc_powerscale_onefs | 7.8 |