CVE-2025-27690Use of Default Password in Dell Powerscale Onefs

CWE-1393Use of Default Password3 documents3 sources
Severity
9.8CRITICALNVD
EPSS
0.5%
top 34.40%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Dell Powerscale Onefs
Timeline
PublishedApr 10

Description

Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.1.0, contains a use of default password vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to the takeover of a high privileged user account.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

CVEListV5dell/powerscale_onefs9.5.0.09.5.1.2+4
NVDdell/powerscale_onefs9.5.0.09.10.1.0

🔴Vulnerability Details

2
CVEList
CVE-2025-27690: Dell PowerScale OneFS, versions 92025-04-10
GHSA
GHSA-m77q-7jww-hhf9: Dell PowerScale OneFS, versions 92025-04-10
CVE-2025-27690 — Use of Default Password in Dell | cvebase