Vulnerabilities > CVE-2021-36282 - Use of Uninitialized Resource vulnerability in Dell EMC Powerscale Onefs

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

local

low complexity

dell

CWE-908

NVD

Published: 2021-08-16

Updated: 2022-05-03

Summary

Dell EMC PowerScale OneFS versions 8.2.x - 9.1.0.x contain a use of uninitialized resource vulnerability. This can potentially allow an authenticated user with ISI_PRIV_LOGIN_CONSOLE or ISI_PRIV_LOGIN_SSH privileges to gain access up to 24 bytes of data within the /ifs kernel stack under certain conditions.

Vulnerable Configurations

Part	Description	Count
OS	Dell Dell EMC Powerscale Onefs 8.2.2 Dell EMC Powerscale Onefs 9.0.0.0 Dell EMC Powerscale Onefs 9.1.0 Dell EMC Powerscale Onefs 9.1.0.0 Dell EMC Powerscale Onefs 9.1.1.0 Dell EMC Powerscale Onefs 9.2.0	6

Common Weakness Enumeration (CWE)

CWE-908 - Use of Uninitialized Resource

References

https://www.dell.com/support/kbdoc/000190408