CVE Vulnerabilities

CVE-2023-32457

Privilege Defined With Unsafe Actions

Published: Aug 29, 2023 | Modified: Nov 21, 2024
CVSS 3.x
8.8
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

Dell PowerScale OneFS, versions 8.2.2.x-9.5.0.x, contains an improper privilege management vulnerability. A remote attacker with low privileges could potentially exploit this vulnerability, leading to escalation of privileges.

Weakness

A particular privilege, role, capability, or right can be used to perform unsafe actions that were not intended, even when it is assigned to the correct entity.

Affected Software

Name Vendor Start Version End Version
Powerscale_onefs Dell 9.2.1.0 (including) 9.2.1.22 (including)
Powerscale_onefs Dell 9.4.0.0 (including) 9.4.0.13 (including)
Powerscale_onefs Dell 9.5.0.0 (including) 9.5.0.3 (including)

Potential Mitigations

References