CVE-2024-32852

EUVD-2024-30638
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.0 contain use of a broken or risky cryptographic algorithm vulnerability. An unprivileged network malicious attacker could potentially exploit this vulnerability, leading to data leaks.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.9 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 39%
Affected Products (NVD)
VendorProductVersion
dellpowerscale_onefs
8.2.0 ≤
𝑥
< 9.5.1.0
dellpowerscale_onefs
9.6.0 ≤
𝑥
< 9.7.1.0
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
dellpowerscale_onefs
8.2.2 ≤
𝑥
≤ 9.7.0.0
ADP
Common Weakness Enumeration
References
https://www.dell.com/support/kbdoc/en-us/000226569/dsa-2024-255-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities
https://www.dell.com/support/kbdoc/en-us/000226569/dsa-2024-255-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities