Dell

Emc Powerscale Onefs

84 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2022-22560

  • EPSS 0.03%
  • Veröffentlicht 12.04.2022 18:15:08
  • Zuletzt bearbeitet 21.11.2024 06:47:01

Dell EMC PowerScale OneFS 8.1.x - 9.1.x contain hard coded credentials. This allows a local user with knowledge of the credentials to login as the admin user to the backend ethernet switch of a PowerScale cluster. The attacker can exploit this vulner...

7.5

CVE-2022-22559

  • EPSS 0.15%
  • Veröffentlicht 12.04.2022 18:15:08
  • Zuletzt bearbeitet 21.11.2024 06:47:01

Dell PowerScale OneFS, version 9.3.0, contains a use of a broken or risky cryptographic algorithm. An unprivileged network attacker could exploit this vulnerability, leading to the potential for information disclosure.

8.1

CVE-2022-22549

  • EPSS 0.35%
  • Veröffentlicht 12.04.2022 18:15:08
  • Zuletzt bearbeitet 21.11.2024 06:47:00

Dell PowerScale OneFS, 8.2.x-9.3.x, contains a Improper Certificate Validation. A unauthenticated remote attacker could potentially exploit this vulnerability, leading to a man-in-the-middle capture of administrative credentials.

5.5

CVE-2022-26855

  • EPSS 0.03%
  • Veröffentlicht 08.04.2022 20:15:09
  • Zuletzt bearbeitet 21.11.2024 06:54:39

Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contains an incorrect default permissions vulnerability. A local malicious user could potentially exploit this vulnerability, leading to a denial of service.

10

CVE-2022-26854

  • EPSS 0.2%
  • Veröffentlicht 08.04.2022 20:15:09
  • Zuletzt bearbeitet 21.11.2024 06:54:39

Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain risky cryptographic algorithms. A remote unprivileged malicious attacker could potentially exploit this vulnerability, leading to full system access

9.8

CVE-2022-26852

  • EPSS 1.43%
  • Veröffentlicht 08.04.2022 20:15:09
  • Zuletzt bearbeitet 21.11.2024 06:54:38

Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a predictable seed in pseudo-random number generator. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to an account compromise.

9.1

CVE-2022-26851

  • EPSS 0.39%
  • Veröffentlicht 08.04.2022 20:15:09
  • Zuletzt bearbeitet 21.11.2024 06:54:38

Dell PowerScale OneFS, 8.2.2-9.3.x, contains a predictable file name from observable state vulnerability. An unprivileged network attacker could potentially exploit this vulnerability, leading to data loss.

8.8

CVE-2022-24428

  • EPSS 0.32%
  • Veröffentlicht 08.04.2022 20:15:09
  • Zuletzt bearbeitet 21.11.2024 06:50:24

Dell PowerScale OneFS, versions 8.2.x, 9.0.0.x, 9.1.0.x, 9.2.0.x, 9.2.1.x, and 9.3.0.x, contain an improper preservation of privileges. A remote filesystem user with a local account could potentially exploit this vulnerability, leading to an escalati...

4.4

CVE-2022-22563

  • EPSS 0.04%
  • Veröffentlicht 08.04.2022 20:15:09
  • Zuletzt bearbeitet 21.11.2024 06:47:02

Dell EMC Powerscale OneFS 8.2.x - 9.2.x omit security-relevant information in /etc/master.passwd. A high-privileged user can exploit this vulnerability to not record information identifying the source of account information changes.

5.5

CVE-2021-21561

  • EPSS 0.05%
  • Veröffentlicht 23.11.2021 20:15:09
  • Zuletzt bearbeitet 21.11.2024 05:48:36

Dell PowerScale OneFS version 8.1.2 contains a sensitive information exposure vulnerability. This would allow a malicious user with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE privileges to gain access to sensitive information in the log files.