Critical
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
CVE-2023-25941 | Dell PowerScale OneFS versions 8.2.x-9.5.0.x contain an elevation of privilege vulnerability. A low-privileged local attacker could potentially exploit this vulnerability, leading to Denial of service, escalation of privileges, and information disclosure. This vulnerability breaks the compliance mode guarantee. | 7.8 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
CVE-2023-25940 | Dell PowerScale OneFS version 9.5.0.0 contains improper link resolution before file access vulnerability in isi_gather_info. A high privileged local attacker could potentially exploit this vulnerability, leading to system takeover and it breaks the compliance mode guarantees. | 6.7 | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
CVE-2023-25942 | Dell PowerScale OneFS versions 8.2.x-9.4.x contain an uncontrolled resource consumption vulnerability. A malicious network user with low privileges could potentially exploit this vulnerability in SMB, leading to a potential denial of service. | 6.5 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Third-Party Component | CVEs | CVSS Vector String |
Apache | CVE-2022-26377 CVE-2022-28330 CVE-2022-28614 CVE-2022-28615 CVE-2022-29404 CVE-2022-30522 CVE-2022-30556 CVE-2022-31813 |
See NVD for more details. See NVD for more details. See NVD for more details. See NVD for more details. See NVD for more details. See NVD for more details. See NVD for more details. See NVD for more details. |
FreeBSD | CVE-2019-15876 | See NVD for more details. |
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
CVE-2023-25941 | Dell PowerScale OneFS versions 8.2.x-9.5.0.x contain an elevation of privilege vulnerability. A low-privileged local attacker could potentially exploit this vulnerability, leading to Denial of service, escalation of privileges, and information disclosure. This vulnerability breaks the compliance mode guarantee. | 7.8 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
CVE-2023-25940 | Dell PowerScale OneFS version 9.5.0.0 contains improper link resolution before file access vulnerability in isi_gather_info. A high privileged local attacker could potentially exploit this vulnerability, leading to system takeover and it breaks the compliance mode guarantees. | 6.7 | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
CVE-2023-25942 | Dell PowerScale OneFS versions 8.2.x-9.4.x contain an uncontrolled resource consumption vulnerability. A malicious network user with low privileges could potentially exploit this vulnerability in SMB, leading to a potential denial of service. | 6.5 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Third-Party Component | CVEs | CVSS Vector String |
Apache | CVE-2022-26377 CVE-2022-28330 CVE-2022-28614 CVE-2022-28615 CVE-2022-29404 CVE-2022-30522 CVE-2022-30556 CVE-2022-31813 |
See NVD for more details. See NVD for more details. See NVD for more details. See NVD for more details. See NVD for more details. See NVD for more details. See NVD for more details. See NVD for more details. |
FreeBSD | CVE-2019-15876 | See NVD for more details. |
CVEs Addressed | Product | Affected Versions | Updated Versions | Link to Update |
CVE-2022-26377
CVE-2022-28330
CVE-2022-28614
CVE-2022-28615
CVE-2022-29404
CVE-2022-30522
CVE-2022-30556
CVE-2022-31813
|
PowerScale OneFS | 9.1.0.0 through 9.1.0.27 9.2.1.0 through 9.2.1.20 9.4.0.0 through 9.4.0.12 |
Download and install the latest RUP. >= 9.1.0.28 >= 9.2.1.21 >= 9.4.0.13 |
PowerScale OneFS Downloads Area |
Any other version | Upgrade your version of PowerScale OneFS. | |||
CVE-2023-25941 |
PowerScale OneFS | 9.2.1.0 through 9.2.1.21 9.4.0.0 through 9.4.0.12 9.5.0.0 through 9.5.0.1 |
Download and install the latest RUP. >= 9.2.1.22 >= 9.4.0.13 >= 9.5.0.2 |
|
9.1.0.0 through 9.1.0.28 | Upgrade your version of PowerScale OneFS to >= 9.4.0.13. | |||
Any other version | Upgrade your version of PowerScale OneFS. | |||
CVE-2023-25940 | PowerScale OneFS | 9.5.0.0 | Download and install the latest RUP. >= 9.5.0.1 |
|
CVE-2023-25942 |
PowerScale OneFS | 9.2.1.0 through 9.2.1.21 9.4.0.0 through 9.4.0.12 9.5.0.0 |
Download and install the latest RUP. >= 9.2.1.22 >= 9.4.0.13 >= 9.5.0.1 |
|
9.1.0.0 through 9.1.0.28 | Upgrade your version of PowerScale OneFS to >= 9.4.0.13. | |||
Any other version | Upgrade your version of PowerScale OneFS. | |||
CVE-2019-15876 |
PowerScale OneFS with Gen6 H5600 node | 9.2.1.0 through 9.2.1.21 9.4.0.0 through 9.4.0.12 9.5.0.0 |
Download and install the latest RUP. >= 9.2.1.22 >= 9.4.0.13 >= 9.5.0.1 |
|
9.1.0.0 through 9.1.0.28 | Upgrade your version of PowerScale OneFS to >= 9.4.0.13. | |||
Any other version | Upgrade your version of PowerScale OneFS. |
CVEs Addressed | Product | Affected Versions | Updated Versions | Link to Update |
CVE-2022-26377
CVE-2022-28330
CVE-2022-28614
CVE-2022-28615
CVE-2022-29404
CVE-2022-30522
CVE-2022-30556
CVE-2022-31813
|
PowerScale OneFS | 9.1.0.0 through 9.1.0.27 9.2.1.0 through 9.2.1.20 9.4.0.0 through 9.4.0.12 |
Download and install the latest RUP. >= 9.1.0.28 >= 9.2.1.21 >= 9.4.0.13 |
PowerScale OneFS Downloads Area |
Any other version | Upgrade your version of PowerScale OneFS. | |||
CVE-2023-25941 |
PowerScale OneFS | 9.2.1.0 through 9.2.1.21 9.4.0.0 through 9.4.0.12 9.5.0.0 through 9.5.0.1 |
Download and install the latest RUP. >= 9.2.1.22 >= 9.4.0.13 >= 9.5.0.2 |
|
9.1.0.0 through 9.1.0.28 | Upgrade your version of PowerScale OneFS to >= 9.4.0.13. | |||
Any other version | Upgrade your version of PowerScale OneFS. | |||
CVE-2023-25940 | PowerScale OneFS | 9.5.0.0 | Download and install the latest RUP. >= 9.5.0.1 |
|
CVE-2023-25942 |
PowerScale OneFS | 9.2.1.0 through 9.2.1.21 9.4.0.0 through 9.4.0.12 9.5.0.0 |
Download and install the latest RUP. >= 9.2.1.22 >= 9.4.0.13 >= 9.5.0.1 |
|
9.1.0.0 through 9.1.0.28 | Upgrade your version of PowerScale OneFS to >= 9.4.0.13. | |||
Any other version | Upgrade your version of PowerScale OneFS. | |||
CVE-2019-15876 |
PowerScale OneFS with Gen6 H5600 node | 9.2.1.0 through 9.2.1.21 9.4.0.0 through 9.4.0.12 9.5.0.0 |
Download and install the latest RUP. >= 9.2.1.22 >= 9.4.0.13 >= 9.5.0.1 |
|
9.1.0.0 through 9.1.0.28 | Upgrade your version of PowerScale OneFS to >= 9.4.0.13. | |||
Any other version | Upgrade your version of PowerScale OneFS. |
Revision | Date | Description |
1.0 | 2023-03-23 | Initial Release |
1.1 | 2023-06-19 | Updated CVE description for CVE-2023-25940 |
1.2 | 2023-06-22 | Added notes for Proprietary Code CVEs and updated hyperlink for CVE-2022-28615 |