CVE-2024-25959

Name of the Vulnerable Software and Affected Versions Dell PowerScale OneFS versions 9.4.0.x through 9.7.0.x

Description The issue is related to the insertion of sensitive information into log files, which could be exploited by a low-privileged local attacker. This exploitation may lead to the disclosure of sensitive information or escalation of privileges. The vulnerability impacts various OneFS functions and could potentially allow an attacker to reveal protected information or increase their privileges.

Recommendations For Dell PowerScale OneFS versions 9.4.0.x through 9.7.0.x, patch immediately to fix the vulnerability. As a temporary workaround, consider restricting log access to minimize the risk of exploitation. Monitor for updates and apply them as soon as they become available to ensure the issue is fully resolved.