CVE-2021-36278
published 2021-08-16CVE-2021-36278: Dell EMC PowerScale OneFS versions 8.2.x, 9.1.0.x, and 9.1.1.1 contain a sensitive information exposure vulnerability in log files. A local malicious user with…
medium5.5CVSS 3.1
AVLACLPRLUINSUCHINAN
Dell EMC PowerScale OneFS versions 8.2.x, 9.1.0.x, and 9.1.1.1 contain a sensitive information exposure vulnerability in log files. A local malicious user with ISI_PRIV_LOGIN_SSH, ISI_PRIV_LOGIN_CONSOLE, or ISI_PRIV_SYS_SUPPORT privileges may exploit this vulnerability to access sensitive information. If any third-party consumes those logs, the same sensitive information is available to those systems as well.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dell | emc_powerscale_onefs | — | — |
| dell | emc_powerscale_onefs | — | — |
| dell | emc_powerscale_onefs | 8.2.0 – 8.2.2 | — |
| dell | emc_powerscale_onefs | 9.0.0.0 – 9.1.0 | — |
| dell | powerscale_onefs | — | — |