CVE-2026-22280Incorrect Permission Assignment in Dell Powerscale Onefs

CWE-732Incorrect Permission Assignment3 documents3 sources
Severity
5.5MEDIUMNVD
CNA5.0
EPSS
0.0%
top 99.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Dell Powerscale Onefs
Timeline
PublishedJan 22

Description

Dell PowerScale OneFS, versions 9.5.0.0 through 9.5.1.5, versions 9.6.0.0 through 9.7.1.10, versions 9.8.0.0 through 9.10.1.3, versions starting from 9.11.0.0 and prior to 9.13.0.0, contains an incorrect permission assignment for critical resource vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to denial of service.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

CVEListV5dell/powerscale_onefsN/A9.13.0.0+3
NVDdell/powerscale_onefs9.5.0.09.5.1.6+3

🔴Vulnerability Details

2
GHSA
GHSA-wh7m-9x3m-593c: Dell PowerScale OneFS, versions 92026-01-22
CVEList
CVE-2026-22280: Dell PowerScale OneFS, versions 92026-01-22
CVE-2026-22280 — Incorrect Permission Assignment | cvebase