Description
Dell PowerScale OneFS versions 9.4.0.x through 9.7.0.x contains an insertion of sensitive information into log file vulnerability. A low privileged local attacker could potentially exploit this vulnerability, leading to sensitive information disclosure, escalation of privileges.
CVSS breakdown
CVSS 3.1
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
Low
Availability
Low
Affected products
- Dell / PowerScale OneFS9.4.0.0 – 9.4.0.16
- Dell / PowerScale OneFS9.5.0.0 – 9.5.0.7
- Dell / PowerScale OneFS9.6.1.0 – 9.7.0.0
- Dell / PowerScale OneFS9.7.0.0 – 9.7.0.1