CVE-2026-21422 — External Control of System or Configuration Setting in Dell Powerscale Onefs

CWE-15 — External Control of System or Configuration Setting3 documents3 sources

Severity

6.7MEDIUMNVD

CNA3.4

EPSS

0.0%

top 95.90%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Dell Powerscale Onefs

Timeline

PublishedMar 4

Description

Dell PowerScale OneFS, versions 9.10.0.0 through 9.10.1.5 and versions 9.11.0.0 through 9.12.0.1, contains an external control of system or configuration setting vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to protection mechanism bypass.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5dell/powerscale_onefs9.11.0.0 through 9.12.0.1 — 9.13.0.0 or later+1

▶NVDdell/powerscale_onefs9.10.0.0 — 9.10.1.6+1

🔴Vulnerability Details

GHSA

GHSA-rc26-62rx-429v: Dell PowerScale OneFS, versions 9↗2026-03-04

▶

CVEList

CVE-2026-21422: Dell PowerScale OneFS, versions 9↗2026-03-04

▶