Search Results (Refine Search)
- Keyword (text search): cpe:2.3:o:dell:emc_powerscale_onefs:9.3.0.6:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2022-33934 |
Dell PowerScale OneFS, versions 8.2.x through 9.4.x contain multiple stored cross-site scripting vulnerabilities. A remote authenticated malicious user with high privileges may potentially exploit these vulnerabilities to store malicious HTML or JavaScript code through multiple affected fields. Published: February 10, 2023; 3:15:52 PM -0500 |
V4.0:(not available) V3.1: 4.8 MEDIUM V2.0:(not available) |
CVE-2022-34454 |
Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a heap-based buffer overflow. A local privileged malicious user could potentially exploit this vulnerability, leading to system takeover. This impacts compliance mode clusters. Published: February 10, 2023; 5:15:11 AM -0500 |
V4.0:(not available) V3.1: 6.7 MEDIUM V2.0:(not available) |
CVE-2022-45100 |
Dell PowerScale OneFS, versions 8.2.x-9.3.x, contains an Improper Certificate Validation vulnerability. An remote unauthenticated attacker could potentially exploit this vulnerability, leading to a full compromise of the system. Published: February 01, 2023; 1:15:09 AM -0500 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2022-45099 |
Dell PowerScale OneFS, versions 8.2.x-9.4.x, contain a weak encoding for a NDMP password. A malicious and privileged local attacker could potentially exploit this vulnerability, leading to a full system compromise Published: February 01, 2023; 1:15:08 AM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2022-34439 |
Dell PowerScale OneFS, versions 8.2.0.x-9.4.0.x contain allocation of Resources Without Limits or Throttling vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service and performance issue on that node. Published: October 21, 2022; 2:15:10 PM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2022-34438 |
Dell PowerScale OneFS, versions 8.2.x-9.4.0.x, contain a privilege context switching error. A local authenticated malicious user with high privileges could potentially exploit this vulnerability, leading to full system compromise. This impacts compliance mode clusters. Published: October 21, 2022; 2:15:09 PM -0400 |
V4.0:(not available) V3.1: 6.7 MEDIUM V2.0:(not available) |
CVE-2022-34437 |
Dell PowerScale OneFS, versions 8.2.2-9.3.0, contain an OS command injection vulnerability. A privileged local malicious user could potentially exploit this vulnerability, leading to a full system compromise. This impacts compliance mode clusters. Published: October 21, 2022; 2:15:09 PM -0400 |
V4.0:(not available) V3.1: 6.7 MEDIUM V2.0:(not available) |
CVE-2022-31239 |
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, and 9.3.0.6, contain sensitive data in log files vulnerability. A privileged local user may potentially exploit this vulnerability, leading to disclosure of this sensitive data. Published: October 21, 2022; 2:15:09 PM -0400 |
V4.0:(not available) V3.1: 4.4 MEDIUM V2.0:(not available) |
CVE-2022-34378 |
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.20, 9.2.1.13, 9.3.0.6, and 9.4.0.3, contain a relative path traversal vulnerability. A low privileged local attacker could potentially exploit this vulnerability, leading to denial of service. Published: September 02, 2022; 2:15:12 PM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2022-34371 |
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.3, contain an unprotected transport of credentials vulnerability. A malicious unprivileged network attacker could potentially exploit this vulnerability, leading to full system compromise. Published: September 02, 2022; 2:15:11 PM -0400 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2022-34369 |
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.20, 9.2.1.13, 9.3.0.6, and 9.4.0.3 , contain an insertion of sensitive information in log files vulnerability. A remote unprivileged attacker could potentially exploit this vulnerability, leading to exposure of this sensitive data. Published: September 02, 2022; 2:15:11 PM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2022-33932 |
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an unprotected primary channel vulnerability. An unauthenticated network malicious attacker may potentially exploit this vulnerability, leading to a denial of filesystem services. Published: August 22, 2022; 1:15:08 PM -0400 |
V4.0:(not available) V3.1: 5.3 MEDIUM V2.0:(not available) |
CVE-2022-32480 |
Dell PowerScale OneFS, versions 9.0.0, up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an insecure default initialization of a resource vulnerability. A remote authenticated attacker may potentially exploit this vulnerability, leading to information disclosure. Published: August 22, 2022; 1:15:08 PM -0400 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2022-31238 |
Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain a process invoked with sensitive information vulnerability. A CLI user may potentially exploit this vulnerability, leading to information disclosure. Published: August 22, 2022; 1:15:08 PM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2022-31237 |
Dell PowerScale OneFS, versions 9.2.0 up to and including 9.2.1.12 and 9.3.0.5 contain an improper preservation of permissions vulnerability in SyncIQ. A low privileged local attacker may potentially exploit this vulnerability, leading to limited information disclosure. Published: August 22, 2022; 1:15:08 PM -0400 |
V4.0:(not available) V3.1: 3.3 LOW V2.0:(not available) |