Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Lifecycle Timeline
3DescriptionCVE.org
Dell PowerScale OneFS versions 9.5.0.0 through 9.5.1.6, 9.6.0.0 through 9.7.1.13, 9.8.0.0 through 9.10.1.5 and 9.11.0.0 through 9.12.0.1 contains an Insufficient Logging vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering.
AnalysisAI
Dell PowerScale OneFS versions 9.5.0.0 through 9.12.0.1 contain an insufficient logging vulnerability that allows low-privileged local attackers to tamper with information without generating adequate audit trails, enabling attack obfuscation and compliance violation. The vulnerability affects multiple version branches across OneFS 9.5 through 9.12, with no public exploit code identified at time of analysis. CVSS score of 3.3 reflects low-to-medium integrity impact with local access requirement and low complexity.
Technical ContextAI
Dell PowerScale OneFS is a clustered file system and NAS operating system providing storage management for enterprise environments. The vulnerability stems from insufficient audit logging (CWE-778) in affected OneFS versions, meaning that certain system activities or configuration changes do not generate adequate log entries for forensic or compliance purposes. This allows attackers to perform unauthorized actions while evading detection and accountability mechanisms that rely on audit trail review. The issue affects the logging infrastructure itself rather than a specific cryptographic or protocol implementation, making it a systemic control weakness across multiple OneFS components or modules.
RemediationAI
Apply the security update provided by Dell per advisory DSA-2026-172, upgrading to patched OneFS versions beyond the affected ranges: upgrade from 9.5.x to 9.5.2.0 or later, from 9.6/9.7.x to 9.7.1.14 or later, from 9.8/9.9/9.10.x to 9.10.1.6 or later, or from 9.11/9.12.x to 9.12.0.2 or later (consult the advisory for exact patched version numbers). Before patching, restrict low-privileged user access to OneFS administrative interfaces and audit log locations via role-based access control (RBAC) and file system permissions, though this does not eliminate the underlying logging gap. Implement centralized syslog forwarding to an immutable off-cluster logging destination (SIEM or dedicated log server) with write-once storage, ensuring that even if local logs are tampered with, off-cluster records remain intact for forensic review. Monitor and alert on audit log size changes, gaps in log timestamps, or repeated archive deletions that might indicate tampering. Schedule patching within 60 days for regulated environments and 90 days for non-critical deployments, as the attack surface is limited to local low-privilege users.
SQL injection vulnerability in d4d/statusFilter.php in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.2
The ViewPoint web application in Dell SonicWALL Global Management System (GMS) before 7.2 SP2, SonicWALL Analyzer before
The MySQL component in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) 9.0.1.19899 and earlier has a default passwor
Multiple SQL injection vulnerabilities in Dell SonicWall Scrutinizer 11.0.1 allow remote authenticated users to execute
Dell RecoverPoint for Virtual Machines prior to 6.0.3.1 HF1 contains hardcoded credentials (CVE-2026-22769, CVSS 10.0) t
An unrestricted file upload vulnerability exists in Dell (acquired by Quest) KACE K1000 System Management Appliance vers
cgi-bin/admin.cgi in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.0 does not requir
The IPMI 1.5 functionality in Dell iDRAC6 modular before 3.65, iDRAC6 monolithic before 1.98, and iDRAC7 before 1.57.57
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC Data Protection
d4d/uploader.php in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.0 allows remote at
Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privile
Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('
Same weakness CWE-778 – Insufficient Logging
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-28592
GHSA-h5fg-9m4r-vrcj