Dell PowerScale OneFS, versions 8.2.x-9.4.0.x, contain a privilege context switching error. A local authenticated malicious user with high privileges could potentially exploit this vulnerability, leading to full system compromise. This impacts compliance mode clusters.
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Emc_powerscale_onefs | Dell | 9.1.0.0 (including) | 9.1.0.22 (including) |
Emc_powerscale_onefs | Dell | 9.2.1.0 (including) | 9.2.1.15 (including) |
Emc_powerscale_onefs | Dell | 9.3.0.0 (including) | 9.3.0.7 (including) |
Emc_powerscale_onefs | Dell | 9.4.0.0 (including) | 9.4.0.5 (including) |