8.2

CVE-2021-21594

Dell PowerScale OneFS versions 8.2.2 - 9.1.0.x contain a use of get request method with sensitive query strings vulnerability. It can lead to potential disclosure of sensitive data. Dell recommends upgrading at your earliest opportunity.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
DellEmc Powerscale Onefs Version >= 9.0.0.0 <= 9.1.0
DellEmc Powerscale Onefs Version8.2.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.81% 0.52
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.3 3.9 1.4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
security_alert@emc.com 8.2 3.9 4.2
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
CWE-598 Use of HTTP Request With Sensitive Query String

The web application uses an HTTP method to process a request, but the request includes sensitive information in the query string.

https://www.dell.com/support/kbdoc/000190408
Patch
Vendor Advisory