Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.

Products

Dell PowerScale OneFS

8.2.x - 9.8.0.x

Source

security_alert@emc.com

CVE-2024-29170 details

Published : June 4, 2024, 1:15 p.m.
Last Modified : June 4, 2024, 4:57 p.m.

Description

Dell PowerScale OneFS versions 8.2.x through 9.8.0.x contain a use of hard coded credentials vulnerability. An adjacent network unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure of network traffic and denial of service.

CVSS Score

1	2	3	4	5	6	7	8.1	9	10

Weakness

Weakness	Name	Description

CVSS Data

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

Base Score

8.1

Exploitability Score

Impact Score

Base Severity

HIGH

Vector String : CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

References

URL	Source
https://www.dell.com/support/kbdoc/en-us/000225667/dsa-2024-210-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities	security_alert@emc.com

This website uses the NVD API, but is not approved or certified by it.

CVE-2024-29170

Products

Source

Tags

CVE-2024-29170 details

Description

CVSS Score

Weakness

CVSS Data

Attack Vector

Attack Complexity

Privileges Required

Scope

Confidentiality Impact

Integrity Impact

Availability Impact

Base Score

Exploitability Score

Impact Score

Base Severity

References