CVE-2026-22278Improper Restriction of Excessive Authentication Attempts in Dell Powerscale Onefs

CWE-307Improper Restriction of Excessive Authentication Attempts3 documents3 sources
Severity
9.8CRITICALNVD
CNA8.1
EPSS
0.1%
top 84.78%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Dell Powerscale Onefs
Timeline
PublishedJan 22

Description

Dell PowerScale OneFS versions prior to 9.13.0.0 contains an improper restriction of excessive authentication attempts vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

CVEListV5dell/powerscale_onefsN/A9.13.0.0
NVDdell/powerscale_onefs< 9.13.0.0

🔴Vulnerability Details

2
CVEList
CVE-2026-22278: Dell PowerScale OneFS versions prior to 92026-01-22
GHSA
GHSA-crpf-mfwx-mmmm: Dell PowerScale OneFS versions prior to 92026-01-22
CVE-2026-22278 — Dell Powerscale Onefs vulnerability | cvebase