- Description
- Dell PowerScale OneFS 8.2.x through 9.6.0.x contain an insufficient logging vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability, causing audit messages lost and not recorded for a specific time period.
- Source
- security_alert@emc.com
- NVD status
- Analyzed
- Products
- powerscale_onefs
CVSS 3.1
- Type
- Primary
- Base score
- 2.3
- Impact score
- 1.4
- Exploitability score
- 0.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
- Severity
- LOW
- security_alert@emc.com
- CWE-778
- nvd@nist.gov
- NVD-CWE-Other
- Hype score
- Not currently trending
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dell:powerscale_onefs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7A0968F-D085-49E5-8DB8-6F958CE9DC2B",
"versionEndExcluding": "9.2.1.25",
"versionStartIncluding": "8.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:powerscale_onefs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F847D5D-DE8C-4F77-B71D-0FC6B526327E",
"versionEndExcluding": "9.4.0.17",
"versionStartIncluding": "9.3.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:powerscale_onefs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "622539CA-1B19-48F6-994E-8AB2544B0A08",
"versionEndExcluding": "9.5.0.7",
"versionStartIncluding": "9.5.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:dell:powerscale_onefs:9.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "66EE727D-564E-4CBE-B264-F2B46D1E1640",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]