Dell PowerScale OneFS
By the Year
In 2026 there have been 12 vulnerabilities in Dell PowerScale OneFS with an average score of 5.8 out of ten. Last year, in 2025, PowerScale OneFS had 17 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, the number of security vulnerabilities in PowerScale OneFS in 2026 could surpass last year's number. Last year, the average CVE base score was greater by 0.44.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 12 | 5.82 |
| 2025 | 17 | 6.26 |
| 2024 | 31 | 6.67 |
| 2023 | 21 | 7.25 |
| 2022 | 6 | 7.12 |
| 2021 | 5 | 7.22 |
It may take a day or so for new PowerScale OneFS vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.
Recent Dell PowerScale OneFS Security Vulnerabilities
Dell PowerScale OneFS 9.13.0.0: Account Lockout Mechanism Vulnerability (DoS)
CVE-2026-25907
5.3 - Medium
- March 04, 2026
Dell PowerScale OneFS, version 9.13.0.0, contains an overly restrictive account lockout mechanism vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service.
Overly Restrictive Account Lockout Mechanism
Dell PowerScale OneFS External Config Control (9.10.0.0–9.12.0.1)
CVE-2026-21422
3.4 - Low
- March 04, 2026
Dell PowerScale OneFS, versions 9.10.0.0 through 9.10.1.5 and versions 9.11.0.0 through 9.12.0.1, contains an external control of system or configuration setting vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to protection mechanism bypass.
External Control of System or Configuration Setting
Dell PowerScale OneFS <9.10.1.6,9.12.0.1: Unnecessary Privilege Exec EoP
CVE-2026-21424
6.7 - Medium
- March 04, 2026
Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1, contains an execution with unnecessary privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
Execution with Unnecessary Privileges
Dell PowerScale OneFS PrivEsc (pre-9.10.1.6, 9.11.0.0-9.12.0.1)
CVE-2026-21421
6.7 - Medium
- March 04, 2026
Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1, contains an execution with unnecessary privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges.
Execution with Unnecessary Privileges
Dell PowerScale OneFS Exec Priv Esc v<9.10.1.6, 9.11.0.0–9.12.0.1
CVE-2026-21426
6.7 - Medium
- March 04, 2026
Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1, contains an execution with unnecessary privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to denial of service, elevation of privileges, and information disclosure.
Execution with Unnecessary Privileges
Dell PowerScale OneFS incorrect default perms in 9.10.1.5 and below
CVE-2026-21423
6.7 - Medium
- March 04, 2026
Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1, contains an incorrect default permissions vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to code execution, denial of service, elevation of privileges, and information disclosure.
Incorrect Default Permissions
Dell PowerScale OneFS <9.10.1.6 or 9.11–9.12 Uncontrolled Search Path (CVE-2026-22270)
CVE-2026-22270
6.7 - Medium
- March 04, 2026
Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1, contains an uncontrolled search path element vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to denial of service, elevation of privileges, and information disclosure.
DLL preloading
Dell PowerScale OneFS <9.10.1.6/9.11-9.12 PE via Local
CVE-2026-21425
6.7 - Medium
- March 04, 2026
Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1, contains an incorrect privilege assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
Incorrect Privilege Assignment
Dell PowerScale OneFS TOCTOU DoS via Adjacent Net Attacker (9.5-9.12)
CVE-2026-22281
3.5 - Low
- January 22, 2026
Dell PowerScale OneFS, versions 9.5.0.0 through 9.5.1.5, versions 9.6.0.0 through 9.7.1.10, versions 9.8.0.0 through 9.10.1.3, versions starting from 9.11.0.0 and prior to 9.13.0.0, contains a Time-of-check Time-of-use (TOCTOU) race condition vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to denial of service.
TOCTTOU
Dell PowerScale OneFS <v9.13: Incorrect Perm Local DoS (CVE-2026-22280)
CVE-2026-22280
5 - Medium
- January 22, 2026
Dell PowerScale OneFS, versions 9.5.0.0 through 9.5.1.5, versions 9.6.0.0 through 9.7.1.10, versions 9.8.0.0 through 9.10.1.3, versions starting from 9.11.0.0 and prior to 9.13.0.0, contains an incorrect permission assignment for critical resource vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to denial of service.
Incorrect Permission Assignment for Critical Resource
Dell PowerScale OneFS <=9.12 Insufficient Logging Info Tampering
CVE-2026-22279
4.3 - Medium
- January 22, 2026
Dell PowerScale OneFS, versions prior to 9.13.0.0, contains an insufficient logging vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to information tampering.
Insufficient Logging
Dell PowerScale OneFS <9.13.0.0 Remote Auth Bypass
CVE-2026-22278
8.1 - High
- January 22, 2026
Dell PowerScale OneFS versions prior to 9.13.0.0 contains an improper restriction of excessive authentication attempts vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.
Improper Restriction of Excessive Authentication Attempts
Dell OneFS <9.10.1.3 / 9.11–9.12 risky crypto Info Disclosure
CVE-2025-43723
5.9 - Medium
- November 10, 2025
Dell PowerScale OneFS, versions prior to 9.10.1.3 and versions 9.11.0.0 through 9.12.0.0, contains a use of a broken or risky cryptographic algorithm vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.
Use of a Broken or Risky Cryptographic Algorithm
Dell PowerScale OneFS <9.12.0.0: Auth Bypass via User-Key
CVE-2025-43724
4.4 - Medium
- October 08, 2025
Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an authorization bypass through user-controlled key vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to gain unauthorized access to NFSv4 or SMB shares.
Insecure Direct Object Reference / IDOR
Dell PowerScale OneFS 9.5-9.11 Info Disclosure via Unauth Remote Access
CVE-2025-36601
4 - Medium
- September 25, 2025
Dell PowerScale OneFS, versions 9.5.0.0 through 9.11.0.0, contains an exposure of sensitive information to an unauthorized actor vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to Information disclosure.
Information Disclosure
Dell PowerScale OneFS <9.11.0.0: Broken Crypto Alg. Info Disclosure
CVE-2025-30477
4.9 - Medium
- July 21, 2025
Dell PowerScale OneFS, versions prior to 9.11.0.0, contains a use of a broken or risky cryptographic algorithm vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.
Use of a Broken or Risky Cryptographic Algorithm
OneFS 9.5–9.10 SQL Injection Vulnerability (CVE-2025-32753)
CVE-2025-32753
7.8 - High
- June 20, 2025
Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.0.1, contains an improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to denial of service, information disclosure, and information tampering.
SQL Injection
Dell PowerScale OneFS NFS Export Auth Bypass (9.5.0.0-9.10.0.1)
CVE-2024-53298
- June 20, 2025
Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.0.1, contains a missing authorization vulnerability in the NFS export. An unauthenticated attacker with remote access could potentially exploit this vulnerability leading to unauthorized filesystem access. The attacker may be able to read, modify, and delete arbitrary files. This vulnerability is considered critical as it can be leveraged to fully compromise the system. Dell recommends customers to upgrade at the earliest opportunity.
AuthZ
Uncontrolled Resource Consumption in Dell PowerScale OneFS 9.4-9.9 DoS
CVE-2025-26481
- May 15, 2025
Dell PowerScale OneFS, versions 9.4.0.0 through 9.9.0.0, contains an uncontrolled resource consumption vulnerability. A remote unprivileged attacker could potentially exploit this vulnerability, leading to denial of service.
Resource Exhaustion
Dell PowerScale OneFS 9.8.0.0-9.10.1.0 TOCTOU Race Condition DoS & Info Tampering
CVE-2025-30101
6.3 - Medium
- May 08, 2025
Dell PowerScale OneFS, versions 9.8.0.0 through 9.10.1.0, contain a time-of-check time-of-use (TOCTOU) race condition vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to denial of service and information tampering.
TOCTTOU
Dell PowerScale OneFS <=9.10.1.0 OOB Write (DoS Risk)
CVE-2025-30102
5.5 - Medium
- May 08, 2025
Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.1.0, contains an out-of-bounds write vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to denial of service.
Memory Corruption
Dell PowerScale OneFS OOB Write Vulnerability (9.4.0.0-9.10.0.0) in NFS Workflows
CVE-2025-26479
- April 10, 2025
Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.0, contains an out-of-bounds write vulnerability. An attacker could potentially exploit this vulnerability in NFS workflows, leading to data integrity issues.
Memory Corruption
Dell PowerScale OneFS 9.5-9.10 Uncontrolled Resource Consumption (DDoS)
CVE-2025-26480
7.5 - High
- April 10, 2025
Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.0.0, contains an uncontrolled resource consumption vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service.
Allocation of Resources Without Limits or Throttling
Dell PowerScale OneFS 9.5–9.10 Default Password Unauth Remote Exploit
CVE-2025-27690
9.8 - Critical
- April 10, 2025
Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.1.0, contains a use of default password vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to the takeover of a high privileged user account.
Use of Default Password (CWE-1393)
Info Disclosure via Directory Listing in Dell PowerScale OneFS 9.4.0.0-9.10.0.0
CVE-2025-23378
- April 10, 2025
Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.0, contains an exposure of information through directory listing vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to information disclosure.
Exposure of Information Through Directory Listing
Dell PowerScale OneFS 9.4–9.10 Integer Overflow DOS Vulnerability
CVE-2025-22471
- April 10, 2025
Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.1, contains an integer overflow or wraparound vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service.
Integer Overflow or Wraparound
Dell PowerScale OneFS 9.4-9.10 Auth Bypass (Local Unauth) for Disabled User
CVE-2025-26330
7 - High
- April 10, 2025
Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.1, contains an incorrect authorization vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability to access the cluster with previous privileges of a disabled user account.
AuthZ
Dell PowerScale OneFS v8.2.2+ to 9.9.0.0: Uncontrolled Resource Consumption (DoS)
CVE-2024-47239
6.5 - Medium
- January 08, 2025
Dell PowerScale OneFS versions 8.2.2.x through 9.9.0.0 contain an uncontrolled resource consumption vulnerability. A remote low privileged attacker could potentially exploit this vulnerability, leading to denial of service.
Resource Exhaustion
Dell PowerScale OneFS 8.2.2.x–9.8.0.x Permission Assignment Flaw Leading to DoS
CVE-2024-47475
5.5 - Medium
- January 06, 2025
Dell PowerScale OneFS 8.2.2.x through 9.8.0.x contains an incorrect permission assignment for critical resource vulnerability. A locally authenticated attacker could potentially exploit this vulnerability, leading to denial of service.
Incorrect Permission Assignment for Critical Resource
Dell PowerScale OneFS 9.5.0.x–9.8.0.x RDoS via Uncontrolled Resource
CVE-2024-42426
6.5 - Medium
- December 09, 2024
Dell PowerScale OneFS Versions 9.5.0.x through 9.8.0.x contain an uncontrolled resource consumption vulnerability. A low privilege remote attacker could potentially exploit this vulnerability, leading to denial of service.
Resource Exhaustion
Dell PowerScale OneFS <8.2.2.x-9.8.0.x> Improper Resource Unlocking DoS
CVE-2024-49602
6.5 - Medium
- December 09, 2024
Dell PowerScale OneFS Versions 8.2.2.x through 9.8.0.x contain an improper resource unlocking vulnerability. A remote low privileged attacker could potentially exploit this vulnerability, leading to denial of service.
Improper Locking
Dell PowerScale OneFS 8.2.2.x–9.9.0.x info disclosure via incorrect argument
CVE-2024-49603
6.5 - Medium
- December 09, 2024
Dell PowerScale OneFS Versions 8.2.2.x through 9.9.0.x contain an incorrect specified argument vulnerability. A remote low privileged legitimate user could potentially exploit this vulnerability, leading to information disclosure.
Function Call With Incorrectly Specified Argument Value
Dell PowerScale OneFS 8.2.2.x-9.8.0.1 Symlink Follow Vulnerability (CVE-2024-39578)
CVE-2024-39578
6.3 - Medium
- August 31, 2024
Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.1 contains a UNIX symbolic link (symlink) following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to denial of service, information tampering.
insecure temporary file
PowerScale OneFS 8.2.2.x–9.8.0.0 Priv Assign Misconfig Root Access
CVE-2024-39579
6.7 - Medium
- August 31, 2024
Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contains an incorrect privilege assignment vulnerability. A local high privileged attacker could potentially exploit this vulnerability to gain root-level access.
Incorrect Privilege Assignment
Dell PowerScale OneFS Privilege Escalation 8.2.2.x-9.8.0.0
CVE-2024-37133
6.7 - Medium
- July 02, 2024
Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an improper privilege management vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to unauthorized gain of root-level access.
Local Privilege Escalation in Dell PowerScale OneFS 8.2.2.x-9.8.0.0
CVE-2024-37126
6.7 - Medium
- July 02, 2024
Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an improper privilege management vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to unauthorized gain of root-level access.
EOP via Incorrect Priv Assignment in Dell PowerScale OneFS 8.2.2.x–9.8.0.0
CVE-2024-37132
6.7 - Medium
- July 02, 2024
Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an incorrect privilege assignment vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service and Elevation of privileges.
Dell PowerScale OneFS Local Priv Esc (8.2-9.8)
CVE-2024-37134
6.7 - Medium
- July 02, 2024
Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an improper privilege management vulnerability. A local high privileged attacker could potentially exploit this vulnerability to gain root-level access.
Dell PowerScale OneFS 8.2.2.x-9.7.0.0: Use of Risky Crypto Algorithm
CVE-2024-32852
7.5 - High
- July 02, 2024
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.0 contain use of a broken or risky cryptographic algorithm vulnerability. An unprivileged network malicious attacker could potentially exploit this vulnerability, leading to data leaks.
Use of a Broken or Risky Cryptographic Algorithm
Privilege Escalation via Unnecessary Privileges in Dell PowerScale OneFS 8.2.2–9.7.0.2 (CVE-2024-3285
CVE-2024-32853
7.8 - High
- July 02, 2024
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.2 contain an execution with unnecessary privileges vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to escalation of privileges.
Dell PowerScale OneFS Improper Privilege Escalation (pre-9.8.0.0)
CVE-2024-32854
6.7 - Medium
- July 02, 2024
Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an improper privilege management vulnerability. A local high privilege attacker could potentially exploit this vulnerability, leading to privilege escalation.
Dell PowerScale OneFS v8.2-9.8.x Hardcoded Credentials Exploit
CVE-2024-29170
8.1 - High
- June 04, 2024
Dell PowerScale OneFS versions 8.2.x through 9.8.0.x contain a use of hard coded credentials vulnerability. An adjacent network unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure of network traffic and denial of service.
Use of Hard-coded Credentials
Dell OneFS 8.2.x-9.7.0.2 File Path Control Vulnerability (Denial of Service)
CVE-2024-25965
4.4 - Medium
- May 14, 2024
Dell PowerScale OneFS versions 8.2.x through 9.7.0.2 contains an external control of file name or path vulnerability. A local high privilege attacker could potentially exploit this vulnerability, leading to denial of service.
External Control of File Name or Path
Dell PowerScale OneFS 8.2.x-9.7.0.2 Crypto Alg Exploit Info Disclosure
CVE-2024-25968
7.5 - High
- May 14, 2024
Dell PowerScale OneFS versions 8.2.x through 9.7.0.2 contains a use of a broken or risky cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure.
Use of a Broken or Risky Cryptographic Algorithm
Dell PowerScale OneFS 8.2.x-9.7.0.2 IDS: Improper Data Type Handling DDoS
CVE-2024-25966
7.5 - High
- May 14, 2024
Dell PowerScale OneFS versions 8.2.x through 9.7.0.2 contains an improper handling of unexpected data type vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service.
Improper Handling of Unexpected Data Type
Dell PowerScale OneFS 8.2.x–9.7.0.1 EPV Privilege Escalation
CVE-2024-25967
6.7 - Medium
- May 14, 2024
Dell PowerScale OneFS versions 8.2.x through 9.7.0.1 contains an execution with unnecessary privileges vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to escalation of privileges.
Execution with Unnecessary Privileges
DoS via Unbounded Resource Allocation in PowerScale OneFS 8.2.x-9.7.0.1
CVE-2024-25969
5.5 - Medium
- May 14, 2024
Dell PowerScale OneFS versions 8.2.x through 9.7.0.1 contains an allocation of resources without limits or throttling vulnerability. A local unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service.
Allocation of Resources Without Limits or Throttling
Dell PowerScale OneFS 8.2.x-9.7.0.1 Improper Input Validation, Integrity Loss
CVE-2024-25970
6.5 - Medium
- May 14, 2024
Dell PowerScale OneFS versions 8.2.x through 9.7.0.1 contains an improper input validation vulnerability. A low privileged remote attacker could potentially exploit this vulnerability, leading to loss of integrity.
Improper Input Validation
Dell PowerScale OneFS 8.2.2.x–9.5.0.x Broken Crypto Allows Info Disclosure
CVE-2024-25963
7.5 - High
- March 28, 2024
Dell PowerScale OneFS, versions 8.2.2.x through 9.5.0.x contains a use of a broken cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure.
Use of a Broken or Risky Cryptographic Algorithm
Dell PowerScale OneFS 8.2.2-9.7 Cleartext Data Exposure -> Priv Escalation
CVE-2024-25960
7.8 - High
- March 28, 2024
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains a cleartext transmission of sensitive information vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to escalation of privileges.
Cleartext Transmission of Sensitive Information