CVE-2021-21592 — Improper Handling of Exceptional Conditions in Dell EMC Powerscale Onefs

CWE-755 — Improper Handling of Exceptional Conditions3 documents3 sources

Severity

6.5MEDIUMNVD

CNA3.1

EPSS

0.2%

top 55.95%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Dell EMC Powerscale Onefs Dell Powerscale Onefs

Timeline

PublishedAug 16

Latest updateMay 24

Description

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x improperly handle an exceptional condition. A remote low privileged user could potentially exploit this vulnerability, leading to unauthorized information disclosure.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

▶NVDdell/emc_powerscale_onefs9.0.0.0 — 9.2.0+1

▶CVEListV5dell/powerscale_onefs8.2.x - 9.2.x

Patches

Patch: www.dell.com ↗Patch: www.dell.com ↗

🔴Vulnerability Details

GHSA

GHSA-2vg2-f293-3rc8: Dell EMC PowerScale OneFS versions 8↗2022-05-24

▶

CVEList

CVE-2021-21592: Dell EMC PowerScale OneFS versions 8↗2021-08-16

▶