Missing Authorization Vulnerability in Dell PowerScale OneFS
CVE-2024-53298
9.8 CRITICAL
What is CVE-2024-53298?
Dell PowerScale OneFS versions 9.5.0.0 through 9.10.0.1 are exposed to a vulnerability due to missing authorization in the NFS export feature. This flaw enables unauthenticated remote attackers to gain unauthorized access, potentially allowing them to read, modify, or delete arbitrary files on the filesystem. It is crucial for users to upgrade their systems promptly to mitigate this security risk. For detailed information, refer to the vendor's advisory.
Affected Version(s)
PowerScale OneFS 9.5.0.0 through 9.10.0.1
News Articles
Critical Dell PowerScale Vulnerability Allows Attackers Unauthorized Access to Filesystem
The most severe of these vulnerabilities, tracked as CVE-2024-53298, involves a missing authorization flaw in the NFS export functionality.
CVSS V3.1
Score: 9.8
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Timeline
Vulnerability published
First article discovered by GBHackers News
Vulnerability Reserved