CVE-2023-32457

Summary

Dell PowerScale OneFS, versions 8.2.2.x-9.5.0.x, contains an improper privilege management vulnerability. A remote attacker with low privileges could potentially exploit this vulnerability, leading to escalation of privileges.

Affected Software

VendorProductVersion RangeStatus
DellPowerScale OneFSVersion 9.2.1.0 through 9.2.1.22affected
DellPowerScale OneFSVersion 9.4.0.0 through 9.4.0.13affected
DellPowerScale OneFSVersion 9.5.0.0 through 9.5.0.3affected

Weaknesses

  • CWE-267: CWE-267: Privilege Defined With Unsafe Actions

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References