Описание
Dell EMC PowerScale OneFS 8.1.x - 9.1.x contain hard coded credentials. This allows a local user with knowledge of the credentials to login as the admin user to the backend ethernet switch of a PowerScale cluster. The attacker can exploit this vulnerability to take the switch offline.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 8.1.0 (включая) до 9.2.1.0 (включая)
cpe:2.3:o:dell:emc_powerscale_onefs:*:*:*:*:*:*:*:*
EPSS
Процентиль: 9%
0.00034
Низкий
7.1 High
CVSS3
5.5 Medium
CVSS3
4.9 Medium
CVSS2
Дефекты
CWE-798
CWE-798
Связанные уязвимости
CVSS3: 5.5
github
почти 4 года назад
Dell EMC PowerScale OneFS 8.1.x - 9.1.x contain hard coded credentials. This allows a local user with knowledge of the credentials to login as the admin user to the backend ethernet switch of a PowerScale cluster. The attacker can exploit this vulnerability to take the switch offline.
EPSS
Процентиль: 9%
0.00034
Низкий
7.1 High
CVSS3
5.5 Medium
CVSS3
4.9 Medium
CVSS2
Дефекты
CWE-798
CWE-798