First published: Tue Nov 23 2021(Updated: )
Dell PowerScale OneFS version 8.1.2 contains a sensitive information exposure vulnerability. This would allow a malicious user with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE privileges to gain access to sensitive information in the log files.
Credit: security_alert@emc.com
Affected Software | Affected Version | How to fix |
---|---|---|
Dell EMC PowerScale OneFS | =8.1.2 | |
Dell EMC PowerScale OneFS | =8.2.2 | |
Dell EMC PowerScale OneFS | =9.0.0.0 | |
Dell EMC PowerScale OneFS | =9.1.0.0 | |
Dell EMC PowerScale OneFS | =9.2.0.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-21561 is a vulnerability in Dell PowerScale OneFS version 8.1.2 that allows a malicious user to gain access to sensitive information in the log files.
CVE-2021-21561 has a severity rating of 5.5, which is considered high.
Dell PowerScale OneFS version 8.1.2, 8.2.2, 9.0.0.0, 9.1.0.0, and 9.2.0.0 are all affected by CVE-2021-21561.
A malicious user with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE privileges can exploit CVE-2021-21561 to gain access to sensitive information in the log files.
Yes, Dell has released a fix for CVE-2021-21561. Please refer to Dell's support website for more information.