Uncontrolled Resource Consumption in SMB on Dell PowerScale OneFS 8.2-9.4 (DoS)
CVE-2023-25942 Published on April 4, 2023
Dell PowerScale OneFS versions 8.2.x-9.4.x contain an uncontrolled resource consumption vulnerability. A malicious network user with low privileges could potentially exploit this vulnerability in SMB, leading to a potential denial of service.
Vulnerability Analysis
CVE-2023-25942 is exploitable with network access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.
Weakness Type
Improper Control of a Resource Through its Lifetime
The software does not maintain or incorrectly maintains control over a resource throughout its lifetime of creation, use, and release.
Products Associated with CVE-2023-25942
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2023-25942 are published in Dell Emc Powerscale Onefs:
Affected Versions
Dell PowerScale OneFS:- Version 9.2.1.0 through 9.2.1.21 9.4.0.0 through 9.4.0.12 9.5.0.0 is affected.
- Version 9.1.0.0 through 9.1.0.28 is affected.
- Version Any other version is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.