CVE-2021-21594 HIGH

CVE-2021-21594

Vendor Dell
Product PowerScale OneFS
Weakness CWE-598
Published August 16, 2021
Last update September 16, 2024

CVSS base score

8.2/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

What the vulnerability does

01Description

Dell PowerScale OneFS versions 8.2.2 - 9.1.0.x contain a use of get request method with sensitive query strings vulnerability. It can lead to potential disclosure of sensitive data. Dell recommends upgrading at your earliest opportunity.

Key dates

02Disclosure timeline

August 16, 2021 CVE published
September 16, 2024 Record updated