CVE-2026-25907Overly Restrictive Account Lockout Mechanism in Dell Powerscale Onefs

CWE-645Overly Restrictive Account Lockout Mechanism3 documents3 sources
Severity
7.5HIGHNVD
CNA5.3
EPSS
0.1%
top 79.69%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Dell Powerscale Onefs
Timeline
PublishedMar 4

Description

Dell PowerScale OneFS, version 9.13.0.0, contains an overly restrictive account lockout mechanism vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

CVEListV5dell/powerscale_onefs9.13.0.09.13.0.1 or later
NVDdell/powerscale_onefs9.13.0.0

🔴Vulnerability Details

2
GHSA
GHSA-vf76-2hrm-w58j: Dell PowerScale OneFS, version 92026-03-04
CVEList
CVE-2026-25907: Dell PowerScale OneFS, version 92026-03-04
CVE-2026-25907 — Dell Powerscale Onefs vulnerability | cvebase