CVE-2025-23378Exposure of Information Through Directory Listing in Dell Powerscale Onefs

CWE-548Exposure of Information Through Directory Listing3 documents3 sources
Severity
3.3LOWNVD
EPSS
0.1%
top 79.63%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Dell Powerscale Onefs
Timeline
PublishedApr 10

Description

Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.0, contains an exposure of information through directory listing vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to information disclosure.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 1.8 | Impact: 1.4

Affected Packages2 packages

CVEListV5dell/powerscale_onefs9.4.0.09.10.0.0+2
NVDdell/powerscale_onefs9.4.09.10.0.0

🔴Vulnerability Details

2
GHSA
GHSA-ppxp-2q6f-m9hh: Dell PowerScale OneFS, versions 92025-04-10
CVEList
CVE-2025-23378: Dell PowerScale OneFS, versions 92025-04-10
CVE-2025-23378 — Dell Powerscale Onefs vulnerability | cvebase