CVE-2021-36280

Name of the Vulnerable Software and Affected Versions Dell EMC PowerScale OneFS versions 8.2.x through 9.2.x

Description The issue is related to an incorrect permission assignment for a critical resource. This could allow a user with ISI PRIV LOGIN SSH or ISI PRIV LOGIN CONSOLE privileges to access privileged information about the cluster.

Recommendations For Dell EMC PowerScale OneFS versions 8.2.x through 9.2.x, consider restricting access to privileged information until a fix is available. As a temporary workaround, review and adjust the permission assignments for critical resources to prevent unauthorized access.