Missing Authorization Vulnerability in Dell PowerScale OneFS
CVE-2024-53298

9.8CRITICAL

Key Information:

Vendor: Dell
Status: Powerscale Onefs
Vendor: CVE Published:; 20 June 2025

🔔 Create Dell Vulnerability Alert

Badges

📰 News Worthy

What is CVE-2024-53298?

Dell PowerScale OneFS versions 9.5.0.0 through 9.10.0.1 are exposed to a vulnerability due to missing authorization in the NFS export feature. This flaw enables unauthenticated remote attackers to gain unauthorized access, potentially allowing them to read, modify, or delete arbitrary files on the filesystem. It is crucial for users to upgrade their systems promptly to mitigate this security risk. For detailed information, refer to the vendor's advisory.

Affected Version(s)

PowerScale OneFS 9.5.0.0 <= 9.10.0.1

News Articles

Critical Dell PowerScale Vulnerability Allows Attackers Unauthorized Access to Filesystem

The most severe of these vulnerabilities, tracked as CVE-2024-53298, involves a missing authorization flaw in the NFS export functionality.

thmubnail image

References

https://www.dell.com/support/kbdoc/en-us/000326339/dsa-20...

vendor-advisory

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 20, 2025
📰
First article discovered by GBHackers News
Jun 5, 2025
Vulnerability Reserved
Nov 20, 2024

.

CVE-2024-53298 : Missing Authorization Vulnerability in Dell PowerScale OneFS