Permission Misconfiguration in Dell PowerScale OneFS
CVE-2026-22280

5MEDIUM

Key Information:

Vendor: Dell
Status: Powerscale Onefs
Vendor: CVE Published:; 22 January 2026

What is CVE-2026-22280?

Dell PowerScale OneFS has a vulnerability that arises from incorrect permission assignments for critical resources across several versions. This allows an attacker with local access, albeit with low privileges, to exploit the flaw, potentially leading to a denial of service. Users of affected versions should review updates and advisories from Dell to mitigate risks associated with this issue.

Affected Version(s)

PowerScale OneFS < 9.13.0.0

PowerScale OneFS < 9.5.1.6

PowerScale OneFS < 9.7.1.11

References

https://www.dell.com/support/kbdoc/en-us/000415586/dsa-20...

vendor-advisory

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 22, 2026
Vulnerability Reserved
Jan 7, 2026

CVE-2026-22280 Data

JSON