PT-2021-21200 · Dell Emc · Dell Emc Powerscale Onefs

Published

2021-08-16

Updated

2022-05-03

CVE-2021-36282

CVSS v3.1

3.3

Low

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Dell EMC PowerScale OneFS versions 8.2.x through 9.1.0.x

Description The issue is related to a use of uninitialized resource, which can potentially allow an authenticated user with ISI PRIV LOGIN CONSOLE or ISI PRIV LOGIN SSH privileges to gain access to up to 24 bytes of data within the /ifs kernel stack under certain conditions.

Recommendations For Dell EMC PowerScale OneFS versions 8.2.x through 9.1.0.x, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Use of Uninitialized Resource

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-908

Related Identifiers

CVE-2021-36282

Affected Products

Dell Emc Powerscale Onefs

PT-2021-21200 · Dell Emc · Dell Emc Powerscale Onefs

CVE-2021-36282

Weakness Enumeration

Related Identifiers

Affected Products

References · 5