CVE ID | Published | Description | Score | Severity |
---|---|---|---|---|
Dell EMC PowerScale OneFS 8.1.x - 9.1.x contain hard coded credentials. This allows a local user with knowledge of the credentials to login as the admin user to the backend ethernet switch of a PowerScale cluster. The attacker can exploit this vulnerability to take the switch offline. | 7.1 |
High |
||
Dell EMC PowerScale OneFS versions 8.1.2-9.1.0.x contain an Improper Check for Unusual or Exceptional Conditions in its auditing component.This can lead to an authenticated user with low-privileges to trigger a denial of service event. | 6.5 |
Medium |
||
Dell EMC PowerScale OneFS contains an untrusted search path vulnerability. This vulnerability allows a user with (ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE) and (ISI_PRIV_SYS_UPGRADE or ISI_PRIV_AUDIT) to provide an untrusted path which can lead to run resources that are not under the application’s direct control. | 4.4 |
Medium |