Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.1, contains an incorrect authorization vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability to access the cluster with previous privileges of a disabled user account.
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:HDell Powerscale Onefs
APPDell9.4.0 – 9.10.1.1
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
Auth Bypass
CWE
Related vulnerabilities
CVE-2024-53298CRITICAL9.8PL ✓ten sam produkt
Brak autoryzacji w NFS export — Dell PowerScale OneFS (Auth Bypass)
CVE-2025-27690CRITICAL9.8PL ✓ten sam produkt
Dell PowerScale OneFS — przejęcie konta przez domyślne hasło
CVE-2022-31229CRITICAL9.6ten sam produkt
Dell PowerScale OneFS, 8.2.x through 9.3.0.x, contain an error message with sensitive information. An administ...
CVE-2026-22278HIGH8.1ten sam produkt
Dell PowerScale OneFS versions prior to 9.13.0.0 contains an improper restriction of excessive authentication ...
CVE-2025-26481HIGH7.5ten sam produkt
Dell PowerScale OneFS, versions 9.4.0.0 through 9.9.0.0, contains an uncontrolled resource consumption vulnera...