Description
Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.1.0, contains a use of default password vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to the takeover of a high privileged user account.
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Affected products
- Dell / PowerScale OneFS9.5.0.0 – 9.5.1.2
- Dell / PowerScale OneFS9.6.0.0 – 9.7.1.6
- Dell / PowerScale OneFS9.8.0.0 – 9.8.0.2
- Dell / PowerScale OneFS9.9.0.0 – 9.9.0.1
- Dell / PowerScale OneFS9.10.0.0 – 9.10.1.0