CVE-2021-21567

7.8 HIGH

📋 TL;DR

This vulnerability allows authenticated users who hold SSH or console login privileges on Dell PowerScale OneFS systems to elevate their privileges beyond what those login privileges are meant to grant. It affects Dell PowerScale OneFS version 9.1.0.x. A successful attacker could gain administrative control of the affected storage system.

💻 Affected Systems

Products:
  • Dell PowerScale OneFS
Versions: 9.1.0.x
Operating Systems: OneFS
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems where users have ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE privileges.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

An authenticated attacker gains full administrative control over the PowerScale cluster, potentially accessing sensitive data, modifying configurations, or disrupting storage operations.

🟠

Likely Case

Malicious insiders or compromised accounts with SSH/console access escalate to root privileges to access sensitive data or modify system configurations.

🟢

If Mitigated

With proper access controls and monitoring, impact is limited to unauthorized privilege escalation attempts that are detected and blocked.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Requires authenticated access with specific privileges. No public exploit code available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 9.2.0.0 or later

Vendor Advisory: https://www.dell.com/support/kbdoc/000189495

Restart Required: Yes

Instructions:

1. Review Dell advisory 000189495.
2. Upgrade to OneFS 9.2.0.0 or later.
3. Follow Dell's upgrade procedures for PowerScale clusters.
4. Restart affected services.

🔧 Temporary Workarounds

Restrict SSH and Console Access

Limit users with ISI_PRIV_LOGIN_SSH and ISI_PRIV_LOGIN_CONSOLE privileges to trusted administrators only. Run the following from a cluster node's shell, replacing <trusted_users> with the accounts that should keep login access:

  isi auth privileges modify --privilege=ISI_PRIV_LOGIN_SSH --users=<trusted_users>
  isi auth privileges modify --privilege=ISI_PRIV_LOGIN_CONSOLE --users=<trusted_users>

🧯 If You Can't Patch

  • Implement strict access controls to limit SSH and console privileges to essential personnel only.
  • Monitor authentication logs for privilege escalation attempts and review user privilege assignments regularly.

🔍 How to Verify

Check if Vulnerable:

Check the OneFS version with the 'isi version' command. If the reported version starts with 9.1.0, the system is vulnerable.

Check Version:

isi version

Verify Fix Applied:

After the upgrade, run 'isi version' again and confirm that the reported version is 9.2.0.0 or later.
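The version check above, as an added example script (not code from the page or from Dell). It classifies a OneFS version string against the two ranges this entry states, 9.1.0.x affected and 9.2.0.0 or later fixed, and goes slightly beyond the text by comparing versions numerically so that 9.10.x is not mistaken for 9.1.x. It assumes 'isi version' prints a line containing the dotted version number; the sample strings in the script are constructed, not captured from a cluster.

```shell
#!/bin/sh
# Added example for CVE-2021-21567 (not code from the page or from Dell).
# Classifies a OneFS version against the ranges stated in this entry:
# 9.1.0.x is affected, 9.2.0.0 or later carries the fix.
# Assumption: `isi version` prints a line containing the dotted version
# number, e.g. "Isilon OneFS v9.1.0.4 ..." (that sample is constructed).

# Pull the first dotted version number (2 to 4 components) out of a string.
extract_version() {
    printf '%s\n' "$1" | grep -oE '[0-9]+(\.[0-9]+){1,3}' | head -n 1
}

# Numeric comparison of two dotted versions, padded to four components
# so that 9.10 sorts after 9.9. Prints -1, 0 or 1 for a<b, a=b, a>b.
vercmp() {
    a="$1.0.0.0"
    b="$2.0.0.0"
    for i in 1 2 3 4; do
        x=$(printf '%s' "$a" | cut -d. -f"$i")
        y=$(printf '%s' "$b" | cut -d. -f"$i")
        if [ "$x" -lt "$y" ]; then echo -1; return; fi
        if [ "$x" -gt "$y" ]; then echo 1; return; fi
    done
    echo 0
}

# Map raw `isi version` text to one of:
#   vulnerable - in the affected 9.1.0.x range
#   fixed      - 9.2.0.0 or later (the documented fix version)
#   unlisted   - outside both ranges; not covered by this advisory entry
#   unknown    - no version number found in the input
classify_onefs() {
    v=$(extract_version "$1")
    if [ -z "$v" ]; then
        echo unknown
        return
    fi
    case "$v" in
        9.1.0|9.1.0.*) echo vulnerable; return ;;
    esac
    if [ "$(vercmp "$v" 9.2.0.0)" -ge 0 ]; then
        echo fixed
    else
        echo unlisted
    fi
}

# Live check on a cluster node; reports "unknown" when `isi` is not present.
check_cluster() {
    if command -v isi >/dev/null 2>&1; then
        classify_onefs "$(isi version)"
    else
        echo unknown
    fi
}

# Stand-alone demonstration on constructed sample output:
#   sh check_onefs.sh --demo
if [ "${1:-}" = "--demo" ]; then
    for s in "Isilon OneFS v9.1.0.4 B_9_1_0_4(RELEASE)" \
             "Isilon OneFS v9.2.0.0 B_9_2_0_0(RELEASE)" \
             "Isilon OneFS v8.2.2.0 B_8_2_2_0(RELEASE)"; do
        printf '%-45s %s\n' "$s" "$(classify_onefs "$s")"
    done
fi
```

A result of "unlisted" means the version is neither in the affected 9.1.0.x range nor at or above the fix version; for those releases the entry above makes no claim, so consult the Dell advisory rather than treating them as safe.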

📡 Detection & Monitoring

Log Indicators:

  • Unusual privilege escalation attempts in authentication logs
  • Multiple failed privilege elevation attempts from same user

Network Indicators:

  • Unusual SSH traffic patterns to PowerScale management interfaces

SIEM Query:

source="powerscale" AND (event_type="privilege_escalation" OR event_type="auth_failure")

🔗 References
