Primary

Context

Dell PowerScale OneFS Sensitive Information Disclosure Vulnerability

Vulnerability

Patched

A vulnerability allowing the generation of error messages containing sensitive information exists in Dell PowerScale OneFS versions 9.5.0.0 through 9.10.1.6, as well as versions 9.11.0.0 through 9.13.0.0. This vulnerability could be exploited by a high-privileged attacker with local access, potentially leading to unauthorized information disclosure.

Impact

Exploitation of this vulnerability could result in the unauthorized disclosure of sensitive information.

Remediation

Users can upgrade to Dell PowerScale OneFS version 9.10.1.7 or later if they are on a version prior to 9.10.1.6. For those on versions 9.11.0.0 through 9.13.0.0, upgrading to version 9.13.0.1 or later is recommended.

Added: Apr 8, 2026, 1:51 PM

Updated: Apr 8, 2026, 1:51 PM

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

2.5

exploitability

3.0

remediation

7.7

relevance

5.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

2.5

exploitability

3.0

remediation

7.7

relevance

5.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Dell PowerScale OneFS Sensitive Information Disclosure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Dell PowerScale OneFS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating