Skip to main content

Powerscale Onefs CVE-2023-32457

HIGH
Privilege Defined With Unsafe Actions (CWE-267)
2023-08-29 security_alert@emc.com
8.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Aug 29, 2023 - 08:15 nvd
HIGH 8.8

DescriptionNVD

Dell PowerScale OneFS, versions 8.2.2.x-9.5.0.x, contains an improper privilege management vulnerability. A remote attacker with low privileges could potentially exploit this vulnerability, leading to escalation of privileges.

AnalysisAI

Dell PowerScale OneFS, versions 8.2.2.x-9.5.0.x, contains an improper privilege management vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Technical ContextAI

This vulnerability is classified under CWE-267. Dell PowerScale OneFS, versions 8.2.2.x-9.5.0.x, contains an improper privilege management vulnerability. A remote attacker with low privileges could potentially exploit this vulnerability, leading to escalation of privileges. Affected products include: Dell Powerscale Onefs.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2025-27690 CRITICAL
9.8 Apr 10

Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.1.0, contains a use of default password vulnerability. Rated critic

CVE-2024-53298 CRITICAL
9.8 Jun 20

CVE-2024-53298 is a critical missing authorization vulnerability in Dell PowerScale OneFS NFS export functionality that

CVE-2023-32493 CRITICAL
9.8 Aug 16

Dell PowerScale OneFS, 9.5.0.x, contains a protection mechanism bypass vulnerability. Rated critical severity (CVSS 9.8)

CVE-2022-31230 CRITICAL
9.8 Jun 28

Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain broken or risky cryptographic algorithm. Rated critical severity (C

CVE-2024-22463 CRITICAL
9.1 Mar 04

Dell PowerScale OneFS 8.2.x through 9.6.0.x contains a use of a broken or risky cryptographic algorithm vulnerability. R

CVE-2021-21553 HIGH
8.8 Aug 03

Dell PowerScale OneFS versions 8.1.0-9.1.0 contain an Incorrect User Management vulnerability.under some specific condit

CVE-2026-22278 HIGH
8.1 Jan 22

Powerscale Onefs versions up to 9.13.0.0 is affected by improper restriction of excessive authentication attempts (CVSS

CVE-2024-29170 HIGH
8.1 Jun 04

Dell PowerScale OneFS versions 8.2.x through 9.8.0.x contain a use of hard coded credentials vulnerability. Rated high s

CVE-2023-44295 HIGH
8.1 Dec 05

Dell PowerScale OneFS versions 8.2.2.x through 9.6.0.x contains an improper control of a resource through its lifetime v

CVE-2024-32853 HIGH
7.8 Jul 02

Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.2 contain an execution with unnecessary privileges vulnerability. R

CVE-2024-25960 HIGH
7.8 Mar 28

Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains a cleartext transmission of sensitive information vulner

CVE-2024-22449 HIGH
7.8 Feb 01

Dell PowerScale OneFS versions 9.0.0.x through 9.6.0.x contains a missing authentication for critical function vulnerabi

Share

CVE-2023-32457 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy