CVE-2025-43724 | THREATINT

Description

Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an authorization bypass through user-controlled key vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to gain unauthorized access to NFSv4 or SMB shares.

PUBLISHED Reserved 2025-04-17 | Published 2025-10-08 | Updated 2025-10-08 | Assigner dell

MEDIUM: 4.4CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Problem types

CWE-639: Authorization Bypass Through User-Controlled Key

Product status

Default status

unaffected

Any version before 9.12.0.0

affected

References

www.dell.com/...ll-powerscale-onefs-multiple-vulnerabilities vendor-advisory

cve.org (CVE-2025-43724)

nvd.nist.gov (CVE-2025-43724)

Download JSON