Dell Emc Powerscale Onefs — known CVE vulnerabilities
Every CVE whose affected-product data names Dell Emc Powerscale Onefs, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (84)
CVE-2021-21502 — CVSS 9.8 (critical): Dell PowerScale OneFS versions 8.1.0 – 9.1.0 contain a "use of SSH key past account expiration" vulnerability. A user on the network with…
CVE-2022-26851 — CVSS 9.1 (critical): Dell PowerScale OneFS, 8.2.2-9.3.x, contains a predictable file name from observable state vulnerability. An unprivileged network attacker…
CVE-2020-5353 — CVSS 8.8 (high): The Dell Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 default configuration for Network File System…
CVE-2020-5369 — CVSS 8.8 (high): Dell EMC Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 contain a privilege escalation vulnerability…
CVE-2021-21506 — CVSS 8.8 (high): PowerScale OneFS 8.1.2,8.2.2 and 9.1.0 contains an improper input sanitization issue in its API handler. An un-authtenticated with…
CVE-2023-22575 — CVSS 8.7 (high): Dell PowerScale OneFS 9.0.0.x - 9.4.0.x contain an insertion of sensitive information into log file vulnerability in celog. A low…
CVE-2021-21594 — CVSS 8.2 (high): Dell PowerScale OneFS versions 8.2.2 - 9.1.0.x contain a use of get request method with sensitive query strings vulnerability. It can lead…
CVE-2021-36278 — CVSS 8.1 (high): Dell EMC PowerScale OneFS versions 8.2.x, 9.1.0.x, and 9.1.1.1 contain a sensitive information exposure vulnerability in log files. A local…
CVE-2023-22574 — CVSS 8.1 (high): Dell PowerScale OneFS 9.0.0.x - 9.4.0.x contain an insertion of sensitive information into log file vulnerability in platform API of IPMI…
CVE-2022-45100 — CVSS 8.1 (high): Dell PowerScale OneFS, versions 8.2.x-9.3.x, contains an Improper Certificate Validation vulnerability. An remote unauthenticated attacker…
CVE-2022-34371 — CVSS 8.1 (high): Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.3, contain an unprotected transport of…
CVE-2022-34369 — CVSS 8.1 (high): Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.20, 9.2.1.13, 9.3.0.6, and 9.4.0.3 , contain an insertion of sensitive…
CVE-2022-26852 — CVSS 8.1 (high): Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a predictable seed in pseudo-random number generator. A remote unauthenticated…
CVE-2022-22561 — CVSS 8.1 (high): Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contain an improper restriction of excessive authentication attempts. An unauthenticated…
CVE-2020-5371 — CVSS 8.0 (high): Dell EMC Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale version 9.0.0 contain a file permissions vulnerability. An…
CVE-2023-22573 — CVSS 7.9 (high): Dell PowerScale OneFS 9.0.0.x-9.4.0.x contain an insertion of sensitive information into log file vulnerability in cloudpool. A low…
CVE-2020-26192 — CVSS 7.8 (high): Dell EMC PowerScale OneFS versions 8.2.0 - 9.1.0 contain a privilege escalation vulnerability. A non-admin user with either…
CVE-2022-24411 — CVSS 7.8 (high): Dell PowerScale OneFS 8.2.2 and above contain an elevation of privilege vulnerability. A local attacker with ISI_PRIV_LOGIN_SSH and/or…
CVE-2020-26191 — CVSS 7.8 (high): Dell EMC PowerScale OneFS versions 8.1.0 - 9.1.0 contain a privilege escalation vulnerability. A user with ISI_PRIV_JOB_ENGINE may use the…
CVE-2021-36280 — CVSS 7.8 (high): Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment for critical resource vulnerability. This could…
CVE-2021-21561 — CVSS 7.8 (high): Dell PowerScale OneFS version 8.1.2 contains a sensitive information exposure vulnerability. This would allow a malicious user with…
CVE-2021-36279 — CVSS 7.8 (high): Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment for critical resource vulnerability. This could…
CVE-2023-25941 — CVSS 7.8 (high): Dell PowerScale OneFS versions 8.2.x-9.5.0.x contain an elevation of privilege vulnerability. A low-privileged local attacker could…
CVE-2023-22572 — CVSS 7.8 (high): Dell PowerScale OneFS 9.1.0.x-9.4.0.x contain an insertion of sensitive information into log file vulnerability in change password api. A…
CVE-2020-26193 — CVSS 7.8 (high): Dell EMC PowerScale OneFS versions 8.1.0 - 9.1.0 contain an improper input validation vulnerability. A user with the ISI_PRIV_CLUSTER…
CVE-2021-21503 — CVSS 7.8 (high): PowerScale OneFS 8.1.2,8.2.2 and 9.1.0 contains an improper input sanitization issue in a command. The Compadmin user could potentially…
CVE-2022-45099 — CVSS 7.8 (high): Dell PowerScale OneFS, versions 8.2.x-9.4.x, contain a weak encoding for a NDMP password. A malicious and privileged local attacker could…
CVE-2015-6312 — CVSS 7.5 (high): Cisco TelePresence Server 3.1 on 7010, Mobility Services Engine (MSE) 8710, Multiparty Media 310 and 320, and Virtual Machine (VM) devices…
CVE-2020-26197 — CVSS 7.5 (high): Dell PowerScale OneFS 8.1.0 - 9.1.0 contains an LDAP Provider inability to connect over TLSv1.2 vulnerability. It may make it easier to…
CVE-2021-21528 — CVSS 7.5 (high): Dell EMC PowerScale OneFS versions 9.1.0, 9.2.0.x, 9.2.1.x contain an Exposure of Information through Directory Listing vulnerability. This…
CVE-2022-22549 — CVSS 7.5 (high): Dell PowerScale OneFS, 8.2.x-9.3.x, contains a Improper Certificate Validation. A unauthenticated remote attacker could potentially exploit…
CVE-2022-22559 — CVSS 7.5 (high): Dell PowerScale OneFS, version 9.3.0, contains a use of a broken or risky cryptographic algorithm. An unprivileged network attacker could…
CVE-2022-22562 — CVSS 7.5 (high): Dell PowerScale OneFS, versions 8.2.0-9.3.0, contain a improper handling of missing values exploit. An unauthenticated network attacker…
CVE-2022-23161 — CVSS 7.5 (high): Dell PowerScale OneFS versions 8.2.x - 9.3.0.x contain a denial-of-service vulnerability in SmartConnect. An unprivileged network attacker…
CVE-2022-24412 — CVSS 7.5 (high): Dell EMC PowerScale OneFS 8.2.x - 9.3.0.x contain an improper handling of value vulnerability. An unprivileged network attacker could…
CVE-2022-45101 — CVSS 7.3 (high): Dell PowerScale OneFS 9.0.0.x - 9.4.0.x, contains an Improper Handling of Insufficient Privileges vulnerability in NFS. A remote…
CVE-2022-22560 — CVSS 7.1 (high): Dell EMC PowerScale OneFS 8.1.x - 9.1.x contain hard coded credentials. This allows a local user with knowledge of the credentials to login…
CVE-2020-26194 — CVSS 7.0 (high): Dell EMC PowerScale OneFS versions 8.1.2 and 8.2.2 contain an Incorrect Permission Assignment for a Critical Resource vulnerability. This…
CVE-2020-26181 — CVSS 7.0 (high): Dell EMC Isilon OneFS versions 8.1 and later and Dell EMC PowerScale OneFS version 9.0.0 contain a privilege escalation vulnerability on a…
CVE-2022-34454 — CVSS 6.7 (medium): Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a heap-based buffer overflow. A local privileged malicious user could potentially…
CVE-2022-34438 — CVSS 6.7 (medium): Dell PowerScale OneFS, versions 8.2.x-9.4.0.x, contain a privilege context switching error. A local authenticated malicious user with high…
CVE-2022-34437 — CVSS 6.7 (medium): Dell PowerScale OneFS, versions 8.2.2-9.3.0, contain an OS command injection vulnerability. A privileged local malicious user could…
CVE-2022-22550 — CVSS 6.7 (medium): Dell PowerScale OneFS, versions 8.2.2 and above, contain a password disclosure vulnerability. An unprivileged local attacker could…
CVE-2023-25940 — CVSS 6.7 (medium): Dell PowerScale OneFS version 9.5.0.0 contains improper link resolution before file access vulnerability in isi_gather_info. A high…
CVE-2022-45095 — CVSS 6.7 (medium): Dell PowerScale OneFS, 8.2.x-9.4.x, contain a command injection vulnerability. An authenticated user having access local shell and having…
CVE-2022-31239 — CVSS 6.7 (medium): Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, and 9.3.0.6, contain sensitive data in log files…
CVE-2023-25942 — CVSS 6.5 (medium): Dell PowerScale OneFS versions 8.2.x-9.4.x contain an uncontrolled resource consumption vulnerability. A malicious network user with low…
CVE-2021-21563 — CVSS 6.5 (medium): Dell EMC PowerScale OneFS versions 8.1.2-9.1.0.x contain an Improper Check for Unusual or Exceptional Conditions in its auditing…
CVE-2021-36305 — CVSS 6.5 (medium): Dell PowerScale OneFS contains an Unsynchronized Access to Shared Data in a Multithreaded Context in SMB CA handling. An authenticated user…
CVE-2022-46679 — CVSS 6.5 (medium): Dell PowerScale OneFS 8.2.x, 9.0.0.x - 9.4.0.x, contain an insufficient resource pool vulnerability. A remote unauthenticated attacker…
CVE-2022-45097 — CVSS 6.3 (medium): Dell PowerScale OneFS 9.0.0.x-9.4.0.x contains an Incorrect User Management vulnerability. A low privileged network attacker could…
CVE-2022-24428 — CVSS 6.3 (medium): Dell PowerScale OneFS, versions 8.2.x, 9.0.0.x, 9.1.0.x, 9.2.0.x, 9.2.1.x, and 9.3.0.x, contain an improper preservation of privileges. A…
CVE-2020-26180 — CVSS 6.3 (medium): Dell EMC Isilon OneFS supported versions 8.1 and later and Dell EMC PowerScale OneFS supported version 9.0.0 contain an access issue with…
CVE-2022-45098 — CVSS 6.1 (medium): Dell PowerScale OneFS, 9.0.0.x-9.4.0.x, contain a cleartext storage of sensitive information vulnerability in S3 component. An…
CVE-2023-25540 — CVSS 6.0 (medium): Dell PowerScale OneFS 9.4.0.x contains an incorrect default permissions vulnerability. A local malicious user could potentially exploit…
CVE-2021-21599 — CVSS 6.0 (medium): Dell EMC PowerScale OneFS versions 8.2.x - 9.2.1.x contain an OS command injection vulnerability. This may allow a user with…
CVE-2021-21595 — CVSS 6.0 (medium): Dell EMC PowerScale OneFS versions 8.2.x - 9.1.1.x contain an improper neutralization of special elements used in an OS command. This…
CVE-2021-21550 — CVSS 6.0 (medium): Dell EMC PowerScale OneFS 8.1.0-9.1.0 contain an improper neutralization of special elements used in an OS command vulnerability. This…
CVE-2021-21527 — CVSS 6.0 (medium): Dell PowerScale OneFS 8.1.0-9.1.0 contain an improper neutralization of special elements used in an OS command vulnerability. This…
CVE-2016-1346 — CVSS 5.9 (medium): The kernel in Cisco TelePresence Server 3.0 through 4.2(4.18) on Mobility Services Engine (MSE) 8710 devices allows remote attackers to…
CVE-2020-26196 — CVSS 5.5 (medium): Dell EMC PowerScale OneFS versions 8.1.0-9.1.0 contain a Backup/Restore Privilege implementation issue. A user with the BackupAdmin role…
CVE-2022-34378 — CVSS 5.5 (medium): Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.20, 9.2.1.13, 9.3.0.6, and 9.4.0.3, contain a relative path traversal…
CVE-2022-26855 — CVSS 5.5 (medium): Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contains an incorrect default permissions vulnerability. A local malicious user could…
CVE-2022-45096 — CVSS 5.4 (medium): Dell PowerScale OneFS, 8.2.0 through 9.3.0, contain an User Interface Security Issue. An unauthenticated remote user could unintentionally…
CVE-2022-23160 — CVSS 5.4 (medium): Dell PowerScale OneFS, versions 8.2.0-9.3.0, contains an Improper Handling of Insufficient Permissions vulnerability. An remote malicious…
CVE-2022-34439 — CVSS 5.3 (medium): Dell PowerScale OneFS, versions 8.2.0.x-9.4.0.x contain allocation of Resources Without Limits or Throttling vulnerability. A remote…
CVE-2020-5383 — CVSS 5.3 (medium): Dell EMC Isilon OneFS version 8.2.2 and Dell EMC PowerScale OneFS version 9.0.0 contains a buffer overflow vulnerability in the Likewise…
CVE-2022-33932 — CVSS 5.3 (medium): Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an unprotected primary channel…
CVE-2020-26195 — CVSS 5.3 (medium): Dell EMC PowerScale OneFS versions 8.1.2 – 9.1.0 contain an issue where the OneFS SMB directory auto-create may erroneously create a…
CVE-2022-23159 — CVSS 4.8 (medium): Dell PowerScale OneFS, 8.2.2 - 9.3.0.x, contain a missing release of memory after effective lifetime vulnerability. An authenticated user…
CVE-2022-22565 — CVSS 4.7 (medium): Dell PowerScale OneFS, versions 9.0.0-9.3.0, contain an improper authorization of index containing sensitive information. An authenticated…
CVE-2022-31238 — CVSS 4.7 (medium): Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain a process invoked with…
CVE-2022-23163 — CVSS 4.7 (medium): Dell PowerScale OneFS, 8.2,x, 9.1.0.x, 9.2.1.x, and 9.3.0.x contain a denial of service vulnerability. A local malicious user could…
CVE-2022-22563 — CVSS 4.4 (medium): Dell EMC Powerscale OneFS 8.2.x - 9.2.x omit security-relevant information in /etc/master.passwd. A high-privileged user can exploit this…
CVE-2022-24413 — CVSS 4.4 (medium): Dell PowerScale OneFS, versions 8.2.2-9.3.x, contain a time-of-check-to-time-of-use vulnerability. A local user with access to the…
CVE-2021-21562 — CVSS 4.4 (medium): Dell EMC PowerScale OneFS contains an untrusted search path vulnerability. This vulnerability allows a user with (ISI_PRIV_LOGIN_SSH or…
CVE-2022-32480 — CVSS 4.3 (medium): Dell PowerScale OneFS, versions 9.0.0, up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an insecure default…
CVE-2021-21568 — CVSS 4.3 (medium): Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an insufficient logging vulnerability. An authenticated user with…
CVE-2022-31237 — CVSS 3.3 (low): Dell PowerScale OneFS, versions 9.2.0 up to and including 9.2.1.12 and 9.3.0.5 contain an improper preservation of permissions…
CVE-2021-21592 — CVSS 3.1 (low): Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x improperly handle an exceptional condition. A remote low privileged user could potentially…
CVE-2021-36282 — CVSS 2.5 (low): Dell EMC PowerScale OneFS versions 8.2.x - 9.1.0.x contain a use of uninitialized resource vulnerability. This can potentially allow an…