CVE-2024-24901

Sažetak

Dell PowerScale OneFS 8.2.x through 9.6.0.x contain an insufficient logging vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability, causing audit messages lost and not recorded for a specific time period.

Reference

https://www.dell.com/support/kbdoc/en-us/000222691/dsa-2024-062-security-update-for-dell-powerscale-onefs-for-proprietary-code-vulnerabilities
https://www.dell.com/support/kbdoc/en-us/000222691/dsa-2024-062-security-update-for-dell-powerscale-onefs-for-proprietary-code-vulnerabilities

CVSS

Base:	3.0
Impact:	2.5
Exploitability:	0.5

Pristup

Vektor	Složenost	Autentikacija
LOCAL	HIGH	HIGH

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	LOW	LOW

CVSS vektor

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:L

Zadnje važnije ažuriranje

20-02-2026 - 18:38

Objavljeno

04-03-2024 - 14:15