CVE-2021-21567
EUVD-2021-883910.08.2021, 19:15
Dell PowerScale OneFS 9.1.0.x contains an improper privilege management vulnerability. It may allow an authenticated user with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE to elevate privilege.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| dell | powerscale_onefs | 9.0.0.0 |
| dell | powerscale_onefs | 9.1.0.0 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-732 - Incorrect Permission Assignment for Critical ResourceThe product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
- CWE-269 - Improper Privilege ManagementThe software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.