📦 EMC PowerScale OneFS
by Dell
🛡️ Security Overview
⚠️ Known Vulnerabilities
Dell PowerScale OneFS versions 8.2.2 through 9.3.x contain a predictable file name vulnerability that allows unprivileged network attackers to potentially cause data loss. The vulnerability stems from...
Dell PowerScale OneFS versions 8.2.x through 9.5.0.x contain a local privilege escalation vulnerability. A low-privileged local attacker could exploit this to gain elevated privileges, potentially lea...
Dell PowerScale OneFS versions 8.2.x through 9.4.x contain stored cross-site scripting (XSS) vulnerabilities. Remote authenticated users with high privileges can inject malicious HTML/JavaScript into ...
Dell PowerScale OneFS versions 9.1.0.x through 9.4.0.x log sensitive information (likely passwords) when users change passwords via the API. A local attacker with low privileges could read these logs ...
This vulnerability in Dell PowerScale OneFS involves weak encoding for NDMP passwords, allowing a malicious privileged local attacker to potentially compromise the entire system. It affects versions 8...
CVE-2022-45101 is an improper privilege handling vulnerability in Dell PowerScale OneFS NFS implementation. Remote unauthenticated attackers can exploit this to gain unauthorized access, potentially l...
This vulnerability allows an unprivileged network attacker to cause a denial-of-service condition in Dell PowerScale OneFS SmartConnect. It affects Dell PowerScale OneFS versions 8.2.x through 9.3.0.x...
CVE-2022-24412 is an improper handling of value vulnerability in Dell EMC PowerScale OneFS, allowing an unprivileged network attacker to cause a denial-of-service. It affects PowerScale OneFS versions...
CVE-2022-22549 is an improper certificate validation vulnerability in Dell PowerScale OneFS storage systems. Unauthenticated remote attackers can exploit this to perform man-in-the-middle attacks and ...
Dell PowerScale OneFS version 9.3.0 uses a broken or risky cryptographic algorithm, allowing unprivileged network attackers to potentially decrypt sensitive information. This affects organizations run...
Dell PowerScale OneFS versions 8.2.x through 9.3.0.x have an authentication rate limiting vulnerability that allows unauthenticated remote attackers to perform brute-force attacks. This could lead to ...
Dell PowerScale OneFS versions 8.2.x through 9.2.x contain weak cryptographic algorithms that could allow a remote attacker without privileges to gain full system access. This affects Dell PowerScale ...
Dell PowerScale OneFS versions 8.2.2 through 9.1.0.x have a vulnerability where sensitive data can be exposed through GET requests containing sensitive query strings. This affects all administrators a...
Dell EMC PowerScale OneFS versions 8.2.x through 9.2.x contain an incorrect permission assignment vulnerability that allows users with SSH or console login privileges to access privileged cluster info...
Dell EMC PowerScale OneFS versions 8.2.x, 9.1.0.x, and 9.1.1.1 expose sensitive information in log files. Local users with specific privileges (ISI_PRIV_LOGIN_SSH, ISI_PRIV_LOGIN_CONSOLE, or ISI_PRIV_...
This vulnerability allows attackers to spoof their UID over NFS to gain write access to the admin home directory on affected Dell Isilon/PowerScale systems. Attackers can rewrite sensitive files to es...
Dell PowerScale OneFS versions 8.1.0 through 9.1.0 have an LDAP Provider vulnerability where it cannot establish TLSv1.2 connections to LDAP servers. This allows attackers to potentially intercept and...
CVE-2021-21503 is an improper input sanitization vulnerability in PowerScale OneFS that allows authenticated Compadmin users to execute arbitrary commands with elevated privileges. This affects PowerS...
Dell EMC PowerScale OneFS versions 8.1.0 through 9.1.0 contain an improper input validation vulnerability that allows authenticated users with the ISI_PRIV_CLUSTER privilege to execute arbitrary opera...