Improper Privilege Management in Dell PowerScale OneFS
CVE-2024-37134

6.7MEDIUM

Key Information:

Vendor: Dell
Status: Powerscale Onefs
Vendor: CVE Published:; 2 July 2024

Summary

Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 exhibit a vulnerability in improper privilege management allowing a local attacker with high privileges to potentially exploit the system. This exploitation may lead to unauthorized root-level access, highlighting the importance of deploying security updates to mitigate associated risks.

References

https://www.dell.com/support/kbdoc/en-us/000226569/dsa-20...

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 2, 2024