Vulnerability Details CVE-2024-25953
Dell PowerScale OneFS versions 9.4.0.x through 9.7.0.x contains an UNIX symbolic link (symlink) following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to denial of service, information tampering.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 27.5%
CVSS Severity
CVSS v3 Score 6.0
References
Products affected by CVE-2024-25953
-
cpe:2.3:a:dell:powerscale_onefs:9.4.0
-
cpe:2.3:a:dell:powerscale_onefs:9.4.0.14
-
cpe:2.3:a:dell:powerscale_onefs:9.4.0.15
-
cpe:2.3:a:dell:powerscale_onefs:9.4.0.16
-
cpe:2.3:a:dell:powerscale_onefs:9.5.0.0
-
cpe:2.3:a:dell:powerscale_onefs:9.5.0.5
-
cpe:2.3:a:dell:powerscale_onefs:9.5.0.6
-
cpe:2.3:a:dell:powerscale_onefs:9.5.0.7
-
cpe:2.3:a:dell:powerscale_onefs:9.6.1
-
cpe:2.3:a:dell:powerscale_onefs:9.7.0.0
-
cpe:2.3:a:dell:powerscale_onefs:9.7.0.1