Dell PowerScale OneFS Incorrect Authorization Vulnerability Allowing Access to Disabled User Privileges

Vulnerability

An incorrect authorization vulnerability has been identified in Dell PowerScale OneFS versions 9.4.0.0 through 9.10.0.1. It allows an unauthenticated attacker with local access to gain access to the cluster with the privileges previously held by a disabled user account.

Impact

Exploitation of this vulnerability could lead to unauthorized access to cluster resources and privileges, potentially allowing for further actions within the system that could be harmful or disruptive.

Remediation

Users can upgrade to Dell PowerScale OneFS version 9.10.1.1 or later. For more information on downloading the update, visit the PowerScale OneFS Downloads Area.
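The version ranges above can be checked across an inventory with a short script. This is an added example, not Dell tooling; the "name version" inventory format and the cluster names are constructed assumptions. Versions are compared as integer tuples so that 9.10.x sorts after 9.5.x, and releases the advisory text does not mention are reported separately rather than guessed.

```python
import re

# Bounds taken from the advisory text on this page.
AFFECTED_MIN = (9, 4, 0, 0)
AFFECTED_MAX = (9, 10, 0, 1)
FIXED_MIN = (9, 10, 1, 1)

def parse_version(text):
    """Parse 'a.b.c.d' into a tuple of ints; return None if malformed."""
    text = text.strip()
    if not re.fullmatch(r"\d+(\.\d+){3}", text):
        return None
    return tuple(int(part) for part in text.split("."))

def classify(version_text):
    """Return 'affected', 'fixed', 'not-listed' or 'unparseable'."""
    version = parse_version(version_text)
    if version is None:
        return "unparseable"
    if AFFECTED_MIN <= version <= AFFECTED_MAX:
        return "affected"
    if version >= FIXED_MIN:
        return "fixed"
    # Below 9.4.0.0, or between 9.10.0.1 and 9.10.1.1: the page is silent.
    return "not-listed"

def triage(inventory_lines):
    """Map each cluster name to its status; skips blanks and '#' comments."""
    results = {}
    for line in inventory_lines:
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue
        version_text = fields[1] if len(fields) > 1 else ""
        results[fields[0]] = classify(version_text)
    return results

# Constructed sample inventory (hypothetical cluster names and versions).
SAMPLE = """
# name       onefs_version
cluster-a    9.4.0.0
cluster-b    9.5.0.8
cluster-c    9.10.0.1
cluster-d    9.10.1.0
cluster-e    9.10.1.1
cluster-f    9.10.x
"""

if __name__ == "__main__":
    for name, status in triage(SAMPLE.splitlines()).items():
        print(f"{name}: {status}")
```

Clusters reported as "not-listed" need to be checked against the vendor advisory, since this page gives no status for those releases.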

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 4.5
impact: 5.0
exploitability: 4.9
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.