Dell PowerScale OneFS 9.5-9.13 Privilege Escalation via Incorrect Role Assignment: CVE-2026-27102 April 2026

Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.1.6 and versions 9.11.0.0 through 9.13.0.1, contains an incorrect privilege assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges.

Vulnerability Analysis

CVE-2026-27102 is exploitable with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality and integrity, and a high impact on availability.

Attack Vector:

LOCAL

Attack Complexity:

LOW

Privileges Required:

LOW

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

LOW

Integrity Impact:

LOW

Availability Impact:

HIGH

Weakness Type

Incorrect Privilege Assignment

A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

Products Associated with CVE-2026-27102

Want to know whenever a new CVE is published for Dell Powerscale Onefs? stack.watch will email you.

Dell PowerScale OneFS 9.5-9.13 Privilege Escalation via Incorrect Role Assignment
CVE-2026-27102 Published on April 8, 2026

Vulnerability Analysis

Weakness Type

Incorrect Privilege Assignment

Products Associated with CVE-2026-27102

Affected Versions

Dell PowerScale OneFS 9.5-9.13 Privilege Escalation via Incorrect Role AssignmentCVE-2026-27102 Published on April 8, 2026

Vulnerability Analysis

Weakness Type

Incorrect Privilege Assignment

Products Associated with CVE-2026-27102

Affected Versions

Dell PowerScale OneFS 9.5-9.13 Privilege Escalation via Incorrect Role Assignment
CVE-2026-27102 Published on April 8, 2026