Dell PowerScale OneFS Default Password Vulnerability Allowing High Privilege Account Takeover

Vulnerability

Dell PowerScale OneFS versions 9.5.0.0 through 9.10.1.0 contain a vulnerability involving the use of default passwords. An unauthenticated attacker with remote access could exploit it, which may lead to the takeover of a high-privileged user account.

Impact

Exploitation of this vulnerability could result in the unauthorized takeover of a high-privileged user account.

Remediation

Users can upgrade to PowerScale OneFS version 9.10.1.1 or later. For versions 9.5.0.0 through 9.10.0.0, the recommended upgrade is to version 9.10.1.1 or later. Instructions for downloading the update are available in the PowerScale OneFS Downloads Area.
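
As an added example (not from Dell or from this advisory's source), the version ranges above can be checked against a cluster inventory using numeric comparison, since comparing the versions as strings sorts 9.10.x before 9.5.x. The cluster names and versions in the sample are constructed, and the four-part numeric version format is an assumption based on the versions quoted on this page.

```python
import re

# Version bounds as stated in the advisory.
AFFECTED_MIN = (9, 5, 0, 0)
AFFECTED_MAX = (9, 10, 1, 0)
FIXED = (9, 10, 1, 1)

_VERSION_RE = re.compile(r"\d+(?:\.\d+){3}")

def parse_version(text):
    """Turn 'a.b.c.d' into a tuple of ints so 9.10 sorts after 9.5."""
    text = text.strip()
    if not _VERSION_RE.fullmatch(text):
        raise ValueError(f"not a four-part version: {text!r}")
    return tuple(int(part) for part in text.split("."))

def classify(version_text):
    """Return 'affected', 'fixed', 'not-covered' or 'unparseable'."""
    try:
        version = parse_version(version_text)
    except ValueError:
        return "unparseable"  # needs a manual check, never assume safe
    if AFFECTED_MIN <= version <= AFFECTED_MAX:
        return "affected"
    if version >= FIXED:
        return "fixed"
    return "not-covered"  # older than 9.5.0.0: the advisory makes no statement

def triage(inventory):
    """Return (cluster, version, status) rows, affected clusters first."""
    order = {"affected": 0, "unparseable": 1, "not-covered": 2, "fixed": 3}
    rows = [(name, ver, classify(ver)) for name, ver in inventory.items()]
    return sorted(rows, key=lambda row: (order[row[2]], row[0]))

# Constructed sample inventory (hypothetical cluster names and versions).
SAMPLE_INVENTORY = {
    "nas-prod-01": "9.5.0.0",
    "nas-prod-02": "9.10.1.0",
    "nas-dr-01": "9.10.1.1",
    "nas-lab-01": "9.4.0.12",
    "nas-lab-02": "9.7.1.3",
    "nas-arch-01": "v9.x",
}

if __name__ == "__main__":
    for name, ver, status in triage(SAMPLE_INVENTORY):
        print(f"{name:12} {ver:10} {status}")
```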

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 4.5
impact: 5.0
exploitability: 7.0
remediation: 8.3
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.