Information Disclosure Vulnerability in Dell PowerScale OneFS
CVE-2025-36601

4MEDIUM

Key Information:

Vendor: Dell
Status: Powerscale Onefs
Vendor: CVE Published:; 25 September 2025

What is CVE-2025-36601?

Dell PowerScale OneFS versions 9.5.0.0 through 9.11.0.0 are affected by a vulnerability that exposes sensitive information to unauthorized actors. This vulnerability allows unauthenticated remote attackers to potentially access confidential data, elevating the risk of information disclosure. Immediate action is recommended to mitigate potential security breaches and protect sensitive information from unauthorized access.

Affected Version(s)

PowerScale OneFS 9.5.0.0 < 9.5.1.4

References

https://www.dell.com/support/kbdoc/en-us/000353080/dsa-20...

vendor-advisory

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 25, 2025
Vulnerability Reserved
Apr 15, 2025

JSON