Powerscale Onefs
CVE-2025-43722
Severity: MEDIUM
Primary rating from NVD · only source for this CVE.
CVSS Vector (NVD): CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Description (CVE.org)
Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an improper privilege management vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges.
Analysis (AI)
Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an improper privilege management vulnerability. It is rated medium severity (CVSS 6.7) and has low attack complexity. No vendor patch available.
Technical Context (AI)
This vulnerability is classified as Improper Privilege Management (CWE-269), which allows attackers to escalate privileges to gain unauthorized elevated access. Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an improper privilege management vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges. Affected products include: Dell PowerScale OneFS. Version information: prior to 9.12.0.0.
Remediation (AI)
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply the principle of least privilege, validate privilege transitions, and implement proper role separation.
More in Powerscale Onefs
Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.1.0, contains a use of default password vulnerability. Rated critic
CVE-2024-53298 is a critical missing authorization vulnerability in Dell PowerScale OneFS NFS export functionality that
Powerscale Onefs versions up to 9.13.0.0 is affected by improper restriction of excessive authentication attempts (CVSS
Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.1, contains an incorrect authorization vulnerability. Rated high
Powerscale Onefs versions up to 9.10.1.6 is affected by execution with unnecessary privileges (CVSS 6.7).
Powerscale Onefs versions up to 9.10.1.6 is affected by execution with unnecessary privileges (CVSS 6.7).
Powerscale Onefs versions up to 9.10.1.6 is affected by execution with unnecessary privileges (CVSS 6.7).
Dell PowerScale OneFS versions before 9.10.1.6 and 9.11.0.0 through 9.12.0.1 contain an uncontrolled search path vulnera
Incorrect default file permissions in Dell PowerScale OneFS versions before 9.10.1.6 and 9.11.0.0 through 9.12.0.1 allow
Privilege escalation in Dell PowerScale OneFS versions before 9.10.1.6 and 9.11.0.0 through 9.12.0.1 stems from incorrec
Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.1, contains an integer overflow or wraparound vulnerability. Rate
Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.1.0, contains an out-of-bounds write vulnerability. Rated medium se