CVE-2025-26330

Summary

Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.1, contains an incorrect authorization vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability to access the cluster with previous privileges of a disabled user account.

Affected Software

VendorProductVersion RangeStatus
DellPowerScale OneFS9.4.0.0 <= 9.10.0.1affected
DellPowerScale OneFS9.7.0.0 <= 9.7.1.4affected

Weaknesses

  • CWE-863: CWE-863: Incorrect Authorization

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References