Dell PowerScale OneFS SQL Injection Vulnerability Leading to Denial-of-Service and Information Issues

Vulnerability

A SQL injection vulnerability has been identified in Dell PowerScale OneFS versions 9.5.0.0 through 9.10.0.1. The flaw arises from improper neutralization of special elements used in SQL commands. A low-privileged attacker with local access could exploit it, resulting in denial of service, information disclosure, or information tampering.

Impact

Exploitation of this vulnerability could lead to a denial-of-service, unauthorized information disclosure, and unauthorized modification of information.

Remediation

Users are advised to upgrade to version 9.10.1.2 or later. Installations on the 9.7 branch (versions 9.7.0.0 through 9.7.1.7) can instead upgrade to version 9.7.1.8 or later, and installations on the 9.5 branch (versions 9.5.0.0 through 9.5.1.2) to version 9.5.1.3 or later. The latest versions are available from the PowerScale OneFS Downloads Area.
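The remediation above leaves a subtlety for triage: the stated affected range (9.5.0.0 through 9.10.0.1) contains the already-fixed 9.5.1.3+ and 9.7.1.8+ builds. The helper below encodes the advisory's ranges so a build string can be mapped to "not affected" or to the minimum fixed release for its branch. It is an added example, not Dell tooling; the function names and the sample version strings are constructed.

```python
"""Triage helper for the OneFS SQL injection advisory above.

The version ranges are copied from the advisory's remediation text; the
function and sample inputs are constructed for illustration only.
"""
from typing import Optional, Tuple

Version = Tuple[int, ...]


def parse_version(text: str) -> Version:
    """Turn a dotted OneFS build string such as '9.7.1.7' into a comparable
    tuple, padding short strings ('9.10' -> (9, 10, 0, 0)) to four parts."""
    parts = tuple(int(p) for p in text.strip().split("."))
    if not 1 <= len(parts) <= 4 or any(p < 0 for p in parts):
        raise ValueError(f"unexpected OneFS version string: {text!r}")
    return parts + (0,) * (4 - len(parts))


# (branch prefix, first affected, last affected, minimum fixed release).
# Branch-specific rules come first; the last, generic rule covers every other
# build in 9.5.0.0 through 9.10.0.1 (for example 9.6.x, 9.8.x, 9.9.x, 9.10.0.x).
AFFECTED_RANGES = (
    ((9, 5), (9, 5, 0, 0), (9, 5, 1, 2), "9.5.1.3"),
    ((9, 7), (9, 7, 0, 0), (9, 7, 1, 7), "9.7.1.8"),
    (None, (9, 5, 0, 0), (9, 10, 0, 1), "9.10.1.2"),
)


def fixed_release_for(version: str) -> Optional[str]:
    """Return the minimum fixed release the advisory recommends for this build,
    or None when the build lies outside the stated affected range (which
    includes builds at or past a branch's own fix)."""
    v = parse_version(version)
    for branch, first, last, fixed in AFFECTED_RANGES:
        if branch is not None and v[:2] != branch:
            continue
        if first <= v <= last:
            return fixed
        if branch is not None:
            # Same branch but outside its affected window: already patched.
            return None
    return None


if __name__ == "__main__":
    # Constructed sample inventory, not real systems.
    for build in ("9.5.0.8", "9.5.1.3", "9.7.1.7", "9.8.0.0", "9.10.0.1", "9.10.1.2"):
        fix = fixed_release_for(build)
        print(f"{build:>9}: {'upgrade to ' + fix if fix else 'not in affected range'}")
```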

Added: Jun 20, 2025, 2:34 PM
Updated: Jun 20, 2025, 2:34 PM

Vulnerability Rating

Custom Algorithm

spread: 4.5
impact: 5.6
exploitability: 3.5
remediation: 8.3
relevance: 0.2
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these eight key vulnerability categories, which are then combined to calculate the overall risk score.