What is the severity of CVE-2020-26193?

CVE-2020-26193 is considered a high severity vulnerability due to its potential for remote code execution.

How do I fix CVE-2020-26193?

To fix CVE-2020-26193, you should upgrade Dell EMC PowerScale OneFS to the latest version that includes the security patch.

Which versions of Dell EMC PowerScale OneFS are affected by CVE-2020-26193?

CVE-2020-26193 affects Dell EMC PowerScale OneFS versions 8.1.0 to 9.1.0.

Who can exploit CVE-2020-26193?

A user with the ISI_PRIV_CLUSTER privilege can exploit CVE-2020-26193.

What does CVE-2020-26193 allow an attacker to do?

CVE-2020-26193 allows an attacker to execute arbitrary OS commands on the underlying OS of the application.

Vulnerability/
CVE-2020-26193

high

7.8

CWE

78 20

9/2/2021

16/9/2024

CVE-2020-26193: OS Command Injection

First published: Tue Feb 09 2021(Updated: )

Dell EMC PowerScale OneFS versions 8.1.0 - 9.1.0 contain an improper input validation vulnerability. A user with the ISI_PRIV_CLUSTER privilege may exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application.

Credit: security_alert@emc.com

Affected Software	Affected Version	How to fix
Dell EMC Isilon OneFS	=8.1.0
Dell EMC Isilon OneFS	=8.1.1
Dell EMC Isilon OneFS	=8.1.2
Dell EMC Isilon OneFS	=8.2.0
Dell EMC Isilon OneFS	=8.2.1
Dell EMC Isilon OneFS	=8.2.2
Dell EMC Isilon OneFS	=9.0.0
Dell EMC Isilon OneFS	=9.1.0

Never miss a vulnerability like this again

Reference Links

https://www.dell.com/support/kbdoc/en-us/000182873/dsa-2021-009-dell-powerscale-onefs-security-update-for-multiple-vulnerabilities

Frequently Asked Questions

What is the severity of CVE-2020-26193?
CVE-2020-26193 is considered a high severity vulnerability due to its potential for remote code execution.
How do I fix CVE-2020-26193?
To fix CVE-2020-26193, you should upgrade Dell EMC PowerScale OneFS to the latest version that includes the security patch.
Which versions of Dell EMC PowerScale OneFS are affected by CVE-2020-26193?
CVE-2020-26193 affects Dell EMC PowerScale OneFS versions 8.1.0 to 9.1.0.
Who can exploit CVE-2020-26193?
A user with the ISI_PRIV_CLUSTER privilege can exploit CVE-2020-26193.
What does CVE-2020-26193 allow an attacker to do?
CVE-2020-26193 allows an attacker to execute arbitrary OS commands on the underlying OS of the application.

agent/weakness
agent/type
agent/softwarecombine
agent/author
agent/severity
agent/references
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
agent/first-publish-date
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/dell
canonical/dell emc isilon onefs
version/dell emc isilon onefs/8.1.0
version/dell emc isilon onefs/8.1.1
version/dell emc isilon onefs/8.1.2
version/dell emc isilon onefs/8.2.0
version/dell emc isilon onefs/8.2.1
version/dell emc isilon onefs/8.2.2
version/dell emc isilon onefs/9.0.0
version/dell emc isilon onefs/9.1.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.