CVE-2020-26192

Summary

Dell EMC PowerScale OneFS versions 8.2.0 - 9.1.0 contain a privilege escalation vulnerability. A non-admin user with either ISI_PRIV_LOGIN_CONSOLE or ISI_PRIV_LOGIN_SSH may potentially exploit this vulnerability to read arbitrary data, tamper with system software or deny service to users. Note: no non-admin users or roles have these privileges by default.

Affected Software

VendorProductVersion RangeStatus
DellPowerScale OneFSunspecified < 8.2.2, 9.1+affected

Weaknesses

  • CWE-306: CWE-306: Missing Authentication for Critical Function

ADP Enrichment

CVE Program Container

Additional References

References