What is the severity of CVE-2020-26194?

CVE-2020-26194 is categorized as a critical vulnerability due to its potential to allow non-admin users to compromise cryptographic resources.

How do I fix CVE-2020-26194?

To mitigate CVE-2020-26194, update Dell EMC PowerScale OneFS to a version that addresses this vulnerability, specifically versions later than 8.1.2 and 8.2.2.

Who is affected by CVE-2020-26194?

CVE-2020-26194 affects users of Dell EMC PowerScale OneFS versions 8.1.2 and 8.2.2.

What types of privileges can exploit CVE-2020-26194?

Users with ISI_PRIV_LOGIN_CONSOLE or ISI_PRIV_LOGIN_SSH privileges can exploit CVE-2020-26194.

What are the potential impacts of CVE-2020-26194?

Exploitation of CVE-2020-26194 may lead to unauthorized access and compromise of cryptographic operations within the affected systems.

Vulnerability/
CVE-2020-26194

high

7.8

CWE

732

9/2/2021

17/9/2024

CVE-2020-26194

First published: Tue Feb 09 2021(Updated: )

Dell EMC PowerScale OneFS versions 8.1.2 and 8.2.2 contain an Incorrect Permission Assignment for a Critical Resource vulnerability. This may allow a non-admin user with either ISI_PRIV_LOGIN_CONSOLE or ISI_PRIV_LOGIN_SSH privileges to exploit the vulnerability, leading to compromised cryptographic operations. Note: no non-admin users or roles have these privileges by default.

Credit: security_alert@emc.com

Affected Software	Affected Version	How to fix
Dell EMC Isilon OneFS	=8.1.2
Dell EMC Isilon OneFS	=8.2.2

Never miss a vulnerability like this again

Reference Links

https://www.dell.com/support/kbdoc/en-us/000182873/dsa-2021-009-dell-powerscale-onefs-security-update-for-multiple-vulnerabilities

Frequently Asked Questions

What is the severity of CVE-2020-26194?
CVE-2020-26194 is categorized as a critical vulnerability due to its potential to allow non-admin users to compromise cryptographic resources.
How do I fix CVE-2020-26194?
To mitigate CVE-2020-26194, update Dell EMC PowerScale OneFS to a version that addresses this vulnerability, specifically versions later than 8.1.2 and 8.2.2.
Who is affected by CVE-2020-26194?
CVE-2020-26194 affects users of Dell EMC PowerScale OneFS versions 8.1.2 and 8.2.2.
What types of privileges can exploit CVE-2020-26194?
Users with ISI_PRIV_LOGIN_CONSOLE or ISI_PRIV_LOGIN_SSH privileges can exploit CVE-2020-26194.
What are the potential impacts of CVE-2020-26194?
Exploitation of CVE-2020-26194 may lead to unauthorized access and compromise of cryptographic operations within the affected systems.

agent/type
agent/softwarecombine
agent/author
agent/severity
agent/weakness
agent/references
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/dell
canonical/dell emc isilon onefs
version/dell emc isilon onefs/8.1.2
version/dell emc isilon onefs/8.2.2

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.