Dell PowerScale OneFS v8.2-9.8.x Hardcoded Credentials Exploit
CVE-2024-29170 Published on June 4, 2024

Dell PowerScale OneFS versions 8.2.x through 9.8.0.x contain a use of hard coded credentials vulnerability. An adjacent network unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure of network traffic and denial of service.

Vendor Advisory NVD

Vulnerability Analysis

Attack Vector:

ADJACENT_NETWORK

Attack Complexity:

LOW

Privileges Required:

NONE

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

NONE

Availability Impact:

HIGH

Weakness Type

Use of Hard-coded Credentials

The software contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.

Products Associated with CVE-2024-29170

Want to know whenever a new CVE is published for Dell Powerscale Onefs? stack.watch will email you.

Dell Powerscale Onefs

Affected Versions

Dell PowerScale OneFS:

Version 8.2.x, <= 9.8.0.x is affected.

Exploit Probability

EPSS

0.31%

Percentile

54.14%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Dell PowerScale OneFS v8.2-9.8.x Hardcoded Credentials ExploitCVE-2024-29170 Published on June 4, 2024

Vulnerability Analysis

Weakness Type

Use of Hard-coded Credentials

Products Associated with CVE-2024-29170

Affected Versions

Exploit Probability

Dell PowerScale OneFS v8.2-9.8.x Hardcoded Credentials Exploit
CVE-2024-29170 Published on June 4, 2024