Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.1, contains an incorrect authorization vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability to access the cluster with previous privileges of a disabled user account.
oryginał ENCVSS Vector
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:HDell Powerscale Onefs
APPDell9.4.0 – 9.10.1.1
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
Auth Bypass
CWE
Powiązane podatności
CVE-2024-53298CRITICAL9.8PL ✓ten sam produkt
Brak autoryzacji w NFS export — Dell PowerScale OneFS (Auth Bypass)
CVE-2025-27690CRITICAL9.8PL ✓ten sam produkt
Dell PowerScale OneFS — przejęcie konta przez domyślne hasło
CVE-2022-31229CRITICAL9.6ten sam produkt
Dell PowerScale OneFS, 8.2.x through 9.3.0.x, contain an error message with sensitive information. An administ...
CVE-2026-22278HIGH8.1ten sam produkt
Dell PowerScale OneFS versions prior to 9.13.0.0 contains an improper restriction of excessive authentication ...
CVE-2025-26481HIGH7.5ten sam produkt
Dell PowerScale OneFS, versions 9.4.0.0 through 9.9.0.0, contains an uncontrolled resource consumption vulnera...