dell emc powerscale onefs 8.2.2 vulnerabilities and exploits

(subscribe to this query)

9.8

CVSSv3

Dell PowerScale OneFS versions 8.1.0 – 9.1.0 contain a "use of SSH key past account expiration" vulnerability. A user on the network with the ISI_PRIV_AUTH_SSH RBAC privilege that has an expired account may potentially exploit this vulnerability, giving them acces...

Dell Emc Powerscale Onefs 9.0.0 Dell Emc Powerscale Onefs 8.1.0 Dell Emc Powerscale Onefs 8.1.1 Dell Emc Powerscale Onefs 8.2.0 Dell Emc Powerscale Onefs 8.2.1 Dell Emc Powerscale Onefs 8.1.2 Dell Emc Powerscale Onefs 8.2.2 Dell Emc Powerscale Onefs 9.1.0

9.1

CVSSv3

Dell PowerScale OneFS, 8.2.2-9.3.x, contains a predictable file name from observable state vulnerability. An unprivileged network attacker could potentially exploit this vulnerability, leading to data loss.

Dell Emc Powerscale Onefs

9.1

CVSSv3

Dell PowerScale OneFS 8.1.0 - 9.1.0 contains an LDAP Provider inability to connect over TLSv1.2 vulnerability. It may make it easier to eavesdrop and decrypt such traffic for a malicious actor. Note: This does not affect clusters which are not relying on an LDAP server for the au...

Dell Emc Powerscale Onefs 8.1.0 Dell Emc Powerscale Onefs 8.1.1 Dell Emc Powerscale Onefs 8.1.2 Dell Emc Powerscale Onefs 8.2.2

8.8

CVSSv3

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment vulnerability. A low privileged authenticated user can potentially exploit this vulnerability to escalate privileges.

Dell Emc Powerscale Onefs 8.2.2 Dell Emc Powerscale Onefs

8.8

CVSSv3

The Dell Isilon OneFS versions 8.2.2 and previous versions and Dell EMC PowerScale OneFS version 9.0.0 default configuration for Network File System (NFS) allows access to an 'admin' home directory. An attacker may leverage a spoofed Unique Identifier (UID) over NFS to ...

Dell Emc Isilon Onefs Dell Emc Powerscale Onefs 9.0.0

8.8

CVSSv3

PowerScale OneFS 8.1.2,8.2.2 and 9.1.0 contains an improper input sanitization issue in its API handler. An un-authtenticated with ISI_PRIV_SYS_SUPPORT and ISI_PRIV_LOGIN_PAPI privileges could potentially exploit this vulnerability, leading to potential privileges escalation.

Dell Emc Powerscale Onefs 8.1.2 Dell Emc Powerscale Onefs 8.2.2 Dell Emc Powerscale Onefs 9.1.0

8.8

CVSSv3

Dell EMC Isilon OneFS versions 8.2.2 and previous versions and Dell EMC PowerScale OneFS version 9.0.0 contain a privilege escalation vulnerability. An authenticated malicious user may exploit this vulnerability by using SyncIQ to gain unauthorized access to system management fil...

Dell Emc Isilon Onefs 8.2.2 Dell Emc Powerscale Onefs 9.0.0

8.8

CVSSv3

Dell EMC Isilon OneFS versions 8.2.2 and previous versions and Dell EMC PowerScale version 9.0.0 contain a file permissions vulnerability. An attacker, with network or local file access, could take advantage of insufficiently applied file permissions or gain unauthorized access t...

Dell Emc Isilon Onefs Dell Emc Powerscale Onefs 9.0.0

7.8

CVSSv3

Dell PowerScale OneFS 8.2.2 and above contain an elevation of privilege vulnerability. A local attacker with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE could potentially exploit this vulnerability, leading to elevation of privilege. This could potentially allow users to cir...

Dell Emc Powerscale Onefs

7.8

CVSSv3

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment for critical resource vulnerability. This could allow a user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE to access privileged information about the cluster.

Dell Emc Powerscale Onefs 8.2.2 Dell Emc Powerscale Onefs

Get Started

1 2 3 4 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook