CVE-2026-25907

5.3 MEDIUM

📋 TL;DR

Dell PowerScale OneFS version 9.13.0.0 has an overly restrictive account lockout mechanism that allows unauthenticated remote attackers to trigger account lockouts, potentially causing denial of service. This affects organizations using vulnerable Dell PowerScale storage systems with OneFS management interfaces exposed to untrusted networks.

💻 Affected Systems

Products:
  • Dell PowerScale OneFS
Versions: 9.13.0.0
Operating Systems: OneFS (PowerScale's proprietary OS)
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems with management interfaces accessible to attackers. Systems behind proper network segmentation are less vulnerable.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Critical administrative accounts become locked out, preventing legitimate administrators from managing storage systems, potentially disrupting business operations until manual intervention.

🟠

Likely Case

Attacker repeatedly triggers account lockouts for administrative accounts, causing temporary denial of service for legitimate administrators attempting to access management interfaces.

🟢

If Mitigated

With proper network segmentation and access controls, only authorized internal users can reach management interfaces, limiting attack surface.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The vulnerability description indicates unauthenticated remote attackers can exploit this, suggesting simple attack vectors like repeated authentication attempts.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Apply patch from DSA-2026-095

Vendor Advisory: https://www.dell.com/support/kbdoc/en-sg/000434591/dsa-2026-095-security-update-for-dell-powerscale-onefs-overly-restrictive-account-lockout-mechanism-vulnerability

Restart Required: Yes

Instructions:

1. Download the security patch from Dell Support.
2. Apply the patch following Dell's update procedures.
3. Restart affected PowerScale nodes as required.
4. Verify the update was successful.

🔧 Temporary Workarounds

Network Segmentation

all

Restrict access to PowerScale management interfaces to trusted internal networks only.

Firewall Rules

all

Implement firewall rules to block external access to PowerScale management ports (typically 8080, 9090 for web interfaces).

🧯 If You Can't Patch

  • Implement strict network access controls to limit who can reach PowerScale management interfaces
  • Monitor authentication logs for unusual lockout patterns and implement alerting

🔍 How to Verify

Check if Vulnerable:

Check whether the cluster is running OneFS version 9.13.0.0, either over SSH with 'isi version' or on the web interface's System Health page.

Check Version:

isi version

Verify Fix Applied:

Verify patch application via 'isi upgrade list' showing applied patches, and confirm version is no longer vulnerable.

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed authentication attempts followed by account lockout messages in authentication logs
  • Unusual source IPs attempting authentication to management interfaces

Network Indicators:

  • High volume of authentication requests to PowerScale management ports from single or multiple sources
  • Traffic patterns showing repeated login attempts

SIEM Query:

source="powerscale_logs" AND ("authentication failed" OR "account locked") | stats count by src_ip, user
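The log and network indicators above can be turned into a small offline check. The following is an added example written for this page, not code from Dell or from the advisory: it parses a constructed, generic syslog-style line format (the real OneFS log format is not given here and is not assumed), counts failed authentications per source and user inside a sliding time window, notes which accounts actually hit a lockout, and also tallies lockouts per user so that a distributed burst against one administrative account is still visible. The window and threshold values are illustrative.

```python
"""Added example: flag lockout-inducing authentication bursts in auth logs.

Assumptions (not from the advisory): the line format below is constructed
for this example and is not the real OneFS log format; the five-minute
window and five-failure threshold are illustrative tuning values.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log lines (not real OneFS output).
SAMPLE_LOG = """\
2026-03-01T10:00:01 node-1 auth: authentication failed user=admin src_ip=203.0.113.5
2026-03-01T10:00:02 node-1 auth: authentication failed user=admin src_ip=203.0.113.5
2026-03-01T10:00:03 node-1 auth: authentication failed user=admin src_ip=203.0.113.5
2026-03-01T10:00:04 node-1 auth: authentication failed user=admin src_ip=203.0.113.5
2026-03-01T10:00:05 node-1 auth: authentication failed user=admin src_ip=203.0.113.5
2026-03-01T10:00:06 node-1 auth: account locked user=admin src_ip=203.0.113.5
2026-03-01T10:05:00 node-1 auth: authentication failed user=ops src_ip=192.0.2.10
2026-03-01T10:20:00 node-1 auth: authentication succeeded user=ops src_ip=192.0.2.10
"""

# Hypothetical line format: "<iso-timestamp> <host> auth: <event> user=<u> src_ip=<ip>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) auth: "
    r"(?P<event>authentication failed|account locked|authentication succeeded) "
    r"user=(?P<user>\S+) src_ip=(?P<src>\S+)$"
)


def parse_log(text):
    """Parse matching lines into dicts; lines in other formats are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ev = m.groupdict()
        ev["ts"] = datetime.fromisoformat(ev["ts"])
        events.append(ev)
    return events


def detect_lockout_abuse(events, window=timedelta(minutes=5), threshold=5):
    """Return one alert per (src_ip, user) pair that either produced at least
    `threshold` failures inside any `window`, or was followed by a lockout."""
    failures = defaultdict(list)   # (src_ip, user) -> failure timestamps
    locked = set()                 # (src_ip, user) pairs that hit a lockout
    for ev in events:
        key = (ev["src"], ev["user"])
        if ev["event"] == "authentication failed":
            failures[key].append(ev["ts"])
        elif ev["event"] == "account locked":
            locked.add(key)

    alerts = []
    for key, stamps in failures.items():
        stamps.sort()
        # Sliding window: largest number of failures inside any `window`.
        best, j = 0, 0
        for i, t in enumerate(stamps):
            while stamps[j] < t - window:
                j += 1
            best = max(best, i - j + 1)
        if best >= threshold or key in locked:
            alerts.append({"src_ip": key[0], "user": key[1],
                           "failures": best, "locked": key in locked})
    return alerts


def lockouts_per_user(events):
    """Count lockout events per account regardless of source, so a burst spread
    across many source addresses against one admin account still stands out."""
    counts = defaultdict(int)
    for ev in events:
        if ev["event"] == "account locked":
            counts[ev["user"]] += 1
    return dict(counts)


if __name__ == "__main__":
    evs = parse_log(SAMPLE_LOG)
    for alert in detect_lockout_abuse(evs):
        print("ALERT", alert)
    print("lockouts per user:", lockouts_per_user(evs))
```

In a SIEM the same logic is what the query above approximates with `stats count by src_ip, user`; the per-user tally is the piece worth adding there, since an attacker spreading attempts over many addresses can keep each source under a per-IP threshold while still locking the account.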

🔗 References
