Improper Restriction of Excessive Authentication Attempts in Dell PowerScale OneFS
CVE-2026-22278

8.1HIGH

Key Information:

Vendor: Dell
Status: Powerscale Onefs
Vendor: CVE Published:; 22 January 2026

What is CVE-2026-22278?

Dell PowerScale OneFS versions before 9.13.0.0 are susceptible to a vulnerability that allows unauthenticated attackers with remote access to exploit improper restrictions on excessive authentication attempts. This could lead to unauthorized access to the system, significantly compromising the security and integrity of sensitive data.

Affected Version(s)

PowerScale OneFS < 9.13.0.0

References

https://www.dell.com/support/kbdoc/en-us/000415586/dsa-20...

vendor-advisory

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 22, 2026
Vulnerability Reserved
Jan 7, 2026

CVE-2026-22278 Data

JSON