CVE-2023-44288

7.5 HIGH (CVSS v3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H; availability impact only)

📋 TL;DR

Dell PowerScale OneFS versions 8.2.2.x through 9.6.0.x contain an improper resource lifetime control vulnerability. An unauthenticated attacker with network access to an affected cluster could exploit it to cause a denial of service. Organizations running affected PowerScale storage clusters are at risk of storage outages.

💻 Affected Systems

Products:
  • Dell PowerScale OneFS
Versions: 8.2.2.x through 9.6.0.x
Operating Systems: OneFS
Default Config Vulnerable: ⚠️ Yes
Notes: The advisory states no configuration precondition; treat every cluster running an affected version as vulnerable regardless of feature or protocol settings.

📦 What is this software?

Dell PowerScale (formerly Isilon) is Dell's scale-out NAS platform. OneFS is the FreeBSD-based clustered operating system that runs on every node and serves file protocols such as NFS and SMB to clients. Because the nodes form a single cluster, an availability fault in OneFS affects the whole storage service rather than one host.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system unavailability, disrupting all storage operations and potentially affecting dependent applications and services.

🟠

Likely Case

Service disruption affecting storage availability, leading to application downtime and operational impact.

🟢

If Mitigated

Limited or no impact if systems are patched, network access is restricted, and proper monitoring is in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The CVSS vector records network attack vector, low attack complexity and no privileges or user interaction, so an attacker needs only network reachability to the affected service. No public proof of concept is known, and the advisory does not name the service or port involved, so treat every network-exposed OneFS interface as in scope until the cluster is patched.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: the remediated OneFS builds listed in DSA-2023-417. Do not assume a later 9.6.0.x or 9.x build is fixed; read the advisory's remediated-version table for the exact build on your release train.

Vendor Advisory: https://www.dell.com/support/kbdoc/en-us/000219932/dsa-2023-417-dell-powerscale-onefs-security-updates-for-multiple-security-vulnerabilities

Restart Required: Yes

Instructions:

1. Review Dell advisory DSA-2023-417 and identify the remediated build for your release train.
2. Download the appropriate patch or release from Dell support.
3. Apply it following Dell's OneFS upgrade procedures.
4. Reboot nodes as required by the upgrade.

🔧 Temporary Workarounds

Network Segmentation (applies to: all affected versions)

Restrict network access to PowerScale systems to trusted networks only

Firewall Rules (applies to: all affected versions)

Implement firewall rules to block unnecessary inbound traffic to PowerScale management interfaces

🧯 If You Can't Patch

  • Implement strict network access controls to limit exposure
  • Monitor systems closely for signs of DoS attacks and have incident response ready

🔍 How to Verify

Check if Vulnerable:

Run 'isi version' on a cluster node (or read the version from the web interface). If the reported version falls in the range 8.2.2.x through 9.6.0.x inclusive and is not one of the remediated builds named in DSA-2023-417, the cluster is vulnerable.

Check Version:

isi version

Verify Fix Applied:

After patching, run 'isi version' again and confirm the reported build matches a remediated build from DSA-2023-417 on every node, not merely a version number higher than the one you started from.
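As an added example (not from Dell or the advisory), the following POSIX shell functions pull the version string out of `isi version` output and test it against the affected range. The banner format below is a constructed sample modelled on a typical OneFS `isi version` line, and the range check encodes only the published range 8.2.2.x through 9.6.0.x; it cannot know about remediated builds inside that range, so a "within range" result still has to be compared with the advisory's table.

```shell
# Extract "9.5.0.4" from a line such as
#   Isilon OneFS v9.5.0.4 B_9_5_0_004(RELEASE): ...
# Assumption: the banner contains "OneFS v<version>" (constructed sample format).
onefs_version_from_output() {
    printf '%s\n' "$1" | sed -n 's/.*OneFS v\([0-9][0-9.]*\).*/\1/p' | head -n1
}

# Return 0 (true) when the dotted version $1 lies within the affected
# range 8.2.2.0 .. 9.6.0.x, 1 otherwise.  Missing trailing components
# are treated as 0, so "9.6.0" compares as 9.6.0.0.
onefs_version_affected() {
    printf '%s\n' "$1" | awk -F. '{
        for (i = 1; i <= 4; i++) if ($i == "") $i = 0;
        # Encode four components into one integer for a simple range compare.
        key = $1 * 1000000 + $2 * 10000 + $3 * 100 + $4;
        lo  = 8 * 1000000 + 2 * 10000 + 2 * 100 + 0;    # 8.2.2.0
        hi  = 9 * 1000000 + 6 * 10000 + 0 * 100 + 99;   # 9.6.0.x
        if (key >= lo && key <= hi) exit 0; else exit 1
    }'
}

# Usage on a real node would be:  onefs_version_affected "$(onefs_version_from_output "$(isi version)")"
# Constructed sample banner, not captured from a live cluster:
SAMPLE_BANNER='Isilon OneFS v9.5.0.4 B_9_5_0_004(RELEASE): 0x905005000000004:Tue Jun 13 00:00:00 PDT 2023'

if v=$(onefs_version_from_output "$SAMPLE_BANNER") && onefs_version_affected "$v"; then
    echo "OneFS $v is within the affected range; check DSA-2023-417 for the remediated build"
else
    echo "OneFS ${v:-unknown} is outside the affected range"
fi
```

The awk comparison avoids `sort -V`, which is GNU-specific and may not be present on a OneFS node's shell; the script can be run directly on a node or fed saved `isi version` output from many clusters.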

📡 Detection & Monitoring

Log Indicators:

  • Unusual network traffic patterns
  • System resource exhaustion logs
  • Connection spikes from unauthenticated sources

Network Indicators:

  • Abnormal traffic volume to PowerScale ports
  • Connection attempts from unexpected sources

SIEM Query:

source="powerscale" AND (event_type="resource_exhaustion" OR connection_count > threshold)

This query is illustrative pseudo-syntax only: map the source name, event field and connection threshold to the OneFS syslog or audit feed you actually ingest, since the advisory publishes no specific log signature for this issue.

🔗 References

  • Dell Security Advisory DSA-2023-417: https://www.dell.com/support/kbdoc/en-us/000219932/dsa-2023-417-dell-powerscale-onefs-security-updates-for-multiple-security-vulnerabilities
  • NVD entry for CVE-2023-44288: https://nvd.nist.gov/vuln/detail/CVE-2023-44288
