Missing Authorization Vulnerability in Dell PowerScale OneFS
CVE-2024-53298

9.8 CRITICAL

Key Information:

Vendor: Dell

CVE Published: 20 June 2025

Badges

📰 News Worthy

What is CVE-2024-53298?

Dell PowerScale OneFS versions 9.5.0.0 through 9.10.0.1 contain a missing authorization vulnerability in the NFS export feature. An unauthenticated remote attacker can exploit this flaw to gain unauthorized access, potentially allowing them to read, modify, or delete arbitrary files on the filesystem. Users should upgrade their systems promptly to mitigate this risk. For detailed information, refer to the vendor's advisory.

Affected Version(s)

PowerScale OneFS 9.5.0.0 through 9.10.0.1

News Articles

Critical Dell PowerScale Vulnerability Allows Attackers Unauthorized Access to Filesystem

The most severe of these vulnerabilities, tracked as CVE-2024-53298, involves a missing authorization flaw in the NFS export functionality.

4 weeks ago

CVSS V3.1

Score: 9.8
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • 📰 First article discovered by GBHackers News

  • Vulnerability Reserved
