4.4
CVE-2025-43724
- EPSS 0.02%
- Veröffentlicht 08.10.2025 14:45:47
- Zuletzt bearbeitet 31.10.2025 14:13:39
- Quelle security_alert@emc.com
- CVE-Watchlists
- Unerledigt
Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an authorization bypass through user-controlled key vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to gain unauthorized access to NFSv4 or SMB shares.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginDaten sind bereitgestellt durch National Vulnerability Database (NVD)
Dell ≫ Powerscale Onefs Version >= 9.5.0.0 < 9.5.1.5
Dell ≫ Powerscale Onefs Version >= 9.6.0 < 9.7.1.10
Dell ≫ Powerscale Onefs Version >= 9.8.0.0 < 9.10.1.3
Dell ≫ Powerscale Onefs Version >= 9.11.0.0 < 9.12.0.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.032 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.4 | 0.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
|
| security_alert@emc.com | 4.4 | 0.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
|
CWE-639 Authorization Bypass Through User-Controlled Key
The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.