7.5

CVE-2021-21528

Dell EMC PowerScale OneFS versions 9.1.0, 9.2.0.x, 9.2.1.x contain an Exposure of Information through Directory Listing vulnerability. This vulnerability is triggered when upgrading from a previous versions.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
DellEmc Powerscale Onefs Version9.1.0.0
DellEmc Powerscale Onefs Version9.2.0.0
DellEmc Powerscale Onefs Version9.2.1.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.95% 0.567
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
security_alert@emc.com 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CWE-548 Exposure of Information Through Directory Listing

The product inappropriately exposes a directory listing with an index of all the resources located inside of the directory.

https://www.dell.com/support/kbdoc/en-us/000193005/
Vendor Advisory
Mitigation