Improper Privilege Management in Dell PowerScale OneFS
CVE-2026-49501

6.7MEDIUM

Key Information:

Vendor

Dell

Vendor
CVE Published:
15 July 2026

What is CVE-2026-49501?

The vulnerability in Dell PowerScale OneFS versions 9.5.0.0 through 9.10.1.7 and 9.11.0.0 through 9.13.0.2 allows a locally authenticated attacker with elevated access to manipulate privileges improperly. This could enable the attacker to escalate their privileges, leading to unauthorized access to sensitive data or system functionalities. Users are encouraged to apply the latest security updates as outlined in Dell's advisory to mitigate the risks associated with this vulnerability.

Affected Version(s)

PowerScale OneFS 0 < 9.10.1.8 or later

PowerScale OneFS 0 < 9.13.1.0 or later

References

CVSS V3.1

Score:
6.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.