HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2025-26330

CVSS 7.0v3.1pub. 2025-04-10upd. 2025-07-15

Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.1, contains an incorrect authorization vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability to access the cluster with previous privileges of a disabled user account.

CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
  • Dell Powerscale Onefs

    APP
    Dell
    9.4.0 – 9.10.1.1
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2024-53298CRITICAL9.8PL ✓ten sam produkt

Brak autoryzacji w NFS export — Dell PowerScale OneFS (Auth Bypass)

CVE-2025-27690CRITICAL9.8PL ✓ten sam produkt

Dell PowerScale OneFS — przejęcie konta przez domyślne hasło

CVE-2022-31229CRITICAL9.6ten sam produkt

Dell PowerScale OneFS, 8.2.x through 9.3.0.x, contain an error message with sensitive information. An administ...

CVE-2026-22278HIGH8.1ten sam produkt

Dell PowerScale OneFS versions prior to 9.13.0.0 contains an improper restriction of excessive authentication ...

CVE-2025-26481HIGH7.5ten sam produkt

Dell PowerScale OneFS, versions 9.4.0.0 through 9.9.0.0, contains an uncontrolled resource consumption vulnera...