Impact
Critical
Details
Proprietary Code CVE | Description | CVSS Base Score | CVSS Vector String |
CVE-2021-21567 | Dell PowerScale OneFS 9.1.0.x contains an improper privilege management vulnerability. It may allow an authenticated user with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE to elevate privilege. Since this also affects Compliance mode, this is a critical vulnerability and Dell recommends upgrading at the earliest opportunity. | 7.8 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |

Third-party Component | CVE | More information |
Python | CVE-2021-3177 | See Advisory: Python Issue 42938 |
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.
CVEs Addressed | Affected Versions | Updated Versions | Link to Update |
CVE-2021-3177 | 8.1.x, 8.2x, 9.0.0.x, and 9.2.0 | Upgrade your version of OneFS | PowerScale Downloads Area |
CVE-2021-3177 | 8.1.2, 8.2.2, and 9.1.0.x | Download and install the relevant GA-RUP_2021-06 | |
CVE-2021-21567 | 9.0.0.x | Upgrade your version of OneFS | |
CVE-2021-21567 | 9.1.0.x | Download and install the relevant GA-RUP_2021-06 | |
Revision History
Revision | Date | Description |
1.0 | 2021-07-12 | Initial Release |
Affected Products
PowerScale OneFS, Product Security Information