CVE-2021-36280
published 2021-08-16CVE-2021-36280: Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment for critical resource vulnerability. This could allow a user with…
medium5.5CVSS 3.1
AVLACLPRLUINSUCHINAN
Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment for critical resource vulnerability. This could allow a user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE to access privileged information about the cluster.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dell | emc_powerscale_onefs | — | — |
| dell | emc_powerscale_onefs | 9.0.0.0 – 9.2.1 | — |
| dell | powerscale_onefs | — | — |
| linux | linux_kernel | >= 0 < 4.15.0-208.220 | 4.15.0-208.220 |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
osv5.5MEDIUM