Dell Powerscale Onefs

By the Year

In 2024 there have been 2 vulnerabilities in Dell Powerscale Onefs with an average score of 6.7 out of ten. Last year Powerscale Onefs had 18 security vulnerabilities published. Right now, Powerscale Onefs is on track to have fewer security vulnerabilities in 2024 than it did last year. Last year, the average CVE base score was greater by 0.42.

Year Vulnerabilities Average Score
2024 2 6.65
2023 18 7.07
2022 3 7.40
2021 5 7.22
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Powerscale Onefs vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent Dell Powerscale Onefs Security Vulnerabilities

Dell PowerScale OneFS versions 8.2.x through 9.6.0.x contain an incorrect default permissions vulnerability

CVE-2024-22430 5.5 - Medium - February 01, 2024

Dell PowerScale OneFS versions 8.2.x through 9.6.0.x contain an incorrect default permissions vulnerability. A local low-privileged malicious user could potentially exploit this vulnerability, leading to denial of service.

Incorrect Default Permissions

Dell PowerScale OneFS versions 9.0.0.x through 9.6.0.x contain a missing authentication for critical function vulnerability

CVE-2024-22449 7.8 - High - February 01, 2024

Dell PowerScale OneFS versions 9.0.0.x through 9.6.0.x contain a missing authentication for critical function vulnerability. A low privileged local malicious user could potentially exploit this vulnerability to gain elevated access.

Missing Authentication for Critical Function

Dell PowerScale OneFS, 8.2.2.x through 9.6.0.x, contains an improper control of a resource through its lifetime vulnerability

CVE-2023-44288 7.5 - High - December 05, 2023

Dell PowerScale OneFS, 8.2.2.x through 9.6.0.x, contains an improper control of a resource through its lifetime vulnerability. An unauthenticated network attacker could potentially exploit this vulnerability, leading to denial of service.

Dell PowerScale OneFS versions 8.2.2.x through 9.6.0.x contain an improper control of a resource through its lifetime vulnerability

CVE-2023-44295 8.1 - High - December 05, 2023

Dell PowerScale OneFS versions 8.2.2.x through 9.6.0.x contain an improper control of a resource through its lifetime vulnerability. A low privilege attacker could potentially exploit this vulnerability, leading to loss of information and information disclosure.

Dell PowerScale OneFS 8.2.x, 9.0.0.x-9.5.0.x contains a denial-of-service vulnerability

CVE-2023-43076 6.5 - Medium - November 02, 2023

Dell PowerScale OneFS 8.2.x, 9.0.0.x-9.5.0.x contains a denial-of-service vulnerability. A low privilege remote attacker could potentially exploit this vulnerability to cause an out-of-memory (OOM) condition.

Memory Leak

Dell PowerScale OneFS 8.2.x, 9.0.0.x-9.5.0.x contains an improper handling of insufficient permissions

CVE-2023-43087 6.5 - Medium - November 02, 2023

Dell PowerScale OneFS 8.2.x, 9.0.0.x-9.5.0.x contains an improper handling of insufficient permissions. A low privileged remote attacker could potentially exploit this vulnerability to cause information disclosure.

Improper Handling of Exceptional Conditions

Dell PowerScale OneFS, versions 8.2.2.x-9.5.0.x, contains an improper privilege management vulnerability

CVE-2023-32457 8.8 - High - August 29, 2023

Dell PowerScale OneFS, versions 8.2.2.x-9.5.0.x, contains an improper privilege management vulnerability. A remote attacker with low privileges could potentially exploit this vulnerability, leading to escalation of privileges.

Improper Privilege Management

Dell PowerScale OneFS, 9.5.0.x, contains a protection mechanism bypass vulnerability

CVE-2023-32493 9.8 - Critical - August 16, 2023

Dell PowerScale OneFS, 9.5.0.x, contains a protection mechanism bypass vulnerability. An unprivileged, remote attacker could potentially exploit this vulnerability, leading to denial of service, information disclosure and remote execution.

Dell PowerScale OneFS, 8.2.x - 9.5.0.x, contains an elevation of privilege vulnerability

CVE-2023-32487 7.8 - High - August 16, 2023

Dell PowerScale OneFS, 8.2.x - 9.5.0.x, contains an elevation of privilege vulnerability. A low privileged local attacker could potentially exploit this vulnerability, leading to denial of service, code execution and information disclosure.

Dell PowerScale OneFS, 8.2.x-9.5.0.x, contains an information disclosure vulnerability in NFS

CVE-2023-32488 4.3 - Medium - August 16, 2023

Dell PowerScale OneFS, 8.2.x-9.5.0.x, contains an information disclosure vulnerability in NFS. A low privileged attacker could potentially exploit this vulnerability, leading to information disclosure.

Dell PowerScale OneFS 8.2x-9.5x contains a privilege escalation vulnerability

CVE-2023-32489 6.7 - Medium - August 16, 2023

Dell PowerScale OneFS 8.2x-9.5x contains a privilege escalation vulnerability. A local attacker with high privileges could potentially exploit this vulnerability to bypass mode protections and gain elevated privileges.

Dell PowerScale OneFS 8.2x-9.5x contains an improper privilege management vulnerability

CVE-2023-32490 6.7 - Medium - August 16, 2023

Dell PowerScale OneFS 8.2x-9.5x contains an improper privilege management vulnerability. A high privilege local attacker could potentially exploit this vulnerability, leading to system takeover.

Dell PowerScale OneFS 9.5.0.x, contains an insertion of sensitive information into log file vulnerability in SNMPv3

CVE-2023-32491 6.5 - Medium - August 16, 2023

Dell PowerScale OneFS 9.5.0.x, contains an insertion of sensitive information into log file vulnerability in SNMPv3. A low-privileged user could potentially exploit this vulnerability, leading to information disclosure.

Insertion of Sensitive Information into Log File

Dell PowerScale OneFS 9.5.0.x contains an incorrect default permissions vulnerability

CVE-2023-32492 7.1 - High - August 16, 2023

Dell PowerScale OneFS 9.5.0.x contains an incorrect default permissions vulnerability. A low-privileged local attacker could potentially exploit this vulnerability, leading to information disclosure or allowing files to be modified.

Incorrect Default Permissions

Dell PowerScale OneFS, 8.2.x-9.5.x, contains an exposure of sensitive information to an unauthorized actor vulnerability

CVE-2023-32495 7.8 - High - August 16, 2023

Dell PowerScale OneFS, 8.2.x-9.5.x, contains an exposure of sensitive information to an unauthorized actor vulnerability. An authorized local attacker could potentially exploit this vulnerability, leading to escalation of privileges.

Dell PowerScale OneFS 9.5.x versions contain a privilege escalation vulnerability

CVE-2023-32486 7.8 - High - August 16, 2023

Dell PowerScale OneFS 9.5.x versions contain a privilege escalation vulnerability. A low privilege local attacker could potentially exploit this vulnerability, leading to escalation of privileges.

Dell PowerScale OneFS, 8.0.x-9.5.x, contains an improper handling of insufficient privileges vulnerability

CVE-2023-32494 6.7 - Medium - August 16, 2023

Dell PowerScale OneFS, 8.0.x-9.5.x, contains an improper handling of insufficient privileges vulnerability. A local privileged attacker could potentially exploit this vulnerability, leading to elevation of privilege; compliance mode is also affected.

Dell PowerScale OneFS 9.4.0.x contains exposure of sensitive information to an unauthorized actor

CVE-2023-25536 6.7 - Medium - March 02, 2023

Dell PowerScale OneFS 9.4.0.x contains exposure of sensitive information to an unauthorized actor. A malicious authenticated local user could potentially exploit this vulnerability in certificate management, leading to a potential system takeover.

Exposure of Resource to Wrong Sphere

Dell PowerScale OneFS, versions 9.2.0.x through 9.4.0.x contain an information vulnerability

CVE-2022-34444 7.5 - High - February 11, 2023

Dell PowerScale OneFS, versions 9.2.0.x through 9.4.0.x contain an information vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to cause a data leak.

Use of a Broken or Risky Cryptographic Algorithm

Dell PowerScale OneFS, versions 8.2.x through 9.3.x contain a weak encoding for a password

CVE-2022-34445 4.4 - Medium - February 11, 2023

Dell PowerScale OneFS, versions 8.2.x through 9.3.x contain a weak encoding for a password. A malicious local privileged attacker may potentially exploit this vulnerability, leading to information disclosure.

Insufficiently Protected Credentials

Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain a broken or risky cryptographic algorithm

CVE-2022-31230 9.8 - Critical - June 28, 2022

Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain a broken or risky cryptographic algorithm. A remote unprivileged malicious attacker could potentially exploit this vulnerability, leading to full system access.

Use of a Broken or Risky Cryptographic Algorithm

Dell PowerScale OneFS, 8.2.x through 9.3.0.x, contain an error message with sensitive information

CVE-2022-31229 4.9 - Medium - June 28, 2022

Dell PowerScale OneFS, 8.2.x through 9.3.0.x, contain an error message with sensitive information. An administrator could potentially exploit this vulnerability, leading to disclosure of sensitive information. This sensitive information can be used to access sensitive resources.

Generation of Error Message Containing Sensitive Information

Dell PowerScale OneFS versions 8.2.0.x through 9.3.0.x, contain a weak password requirement vulnerability

CVE-2022-29098 7.5 - High - June 01, 2022

Dell PowerScale OneFS versions 8.2.0.x through 9.3.0.x, contain a weak password requirement vulnerability. An administrator may create an account with no password. A remote attacker may potentially exploit this, leading to a user account compromise.

Weak Password Requirements

Dell PowerScale OneFS, versions 8.2.2-9.3.0.x, contain an authentication bypass by primary weakness in one of the authentication factors

CVE-2021-36350 7.5 - High - December 21, 2021

Dell PowerScale OneFS, versions 8.2.2-9.3.0.x, contain an authentication bypass by primary weakness in one of the authentication factors. A remote unauthenticated attacker may potentially exploit this vulnerability and bypass one of the factors of authentication.

Authentication

Dell PowerScale OneFS 9.1.0.x contains an improper privilege management vulnerability

CVE-2021-21567 7.8 - High - August 10, 2021

Dell PowerScale OneFS 9.1.0.x contains an improper privilege management vulnerability. It may allow an authenticated user with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE to elevate privilege.

Improper Privilege Management

Dell PowerScale OneFS versions 8.1.0-9.1.0 contain an Incorrect User Management vulnerability. Under some specific conditions, this can

CVE-2021-21553 8.8 - High - August 03, 2021

Dell PowerScale OneFS versions 8.1.0-9.1.0 contain an Incorrect User Management vulnerability. Under some specific conditions, this can allow the CompAdmin user to elevate privileges and break out of Compliance mode. This is a critical vulnerability and Dell recommends upgrading at the earliest.

Dell PowerScale OneFS versions 9.1.0.3 and earlier contain a denial of service vulnerability

CVE-2021-21565 5.3 - Medium - August 03, 2021

Dell PowerScale OneFS versions 9.1.0.3 and earlier contain a denial of service vulnerability. SmartConnect had an error condition that may be triggered to loop, using CPU and potentially preventing other SmartConnect DNS responses.

Excessive Iteration

Dell PowerScale OneFS 8.1.0 - 9.1.0 contains a privilege escalation in SmartLock compliance mode

CVE-2021-21526 6.7 - Medium - April 20, 2021

Dell PowerScale OneFS 8.1.0 - 9.1.0 contains a privilege escalation in SmartLock compliance mode that may allow compadmin to execute arbitrary commands as root.

Shell injection
