Article Number: 000185978
Critical
Proprietary Code CVE(s) | Description | CVSS Base Score | CVSS Vector String |
CVE-2021-21527 | Dell EMC PowerScale OneFS 8.1.0-9.1.0 contain an improper neutralization of special elements used in an OS command vulnerability. This vulnerability may allow an authenticated user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE privileges to escalate privileges. | 6.0 | AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H |
CVE-2021-21550 | Dell EMC PowerScale OneFS 8.1.0-9.1.0 contain an improper neutralization of special elements used in an OS command vulnerability. This vulnerability may allow an authenticated user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE privileges to escalate privileges. | 6.0 | AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H |
Proprietary Code CVE(s) | Description | CVSS Base Score | CVSS Vector String |
CVE-2021-21527 | Dell EMC PowerScale OneFS 8.1.0-9.1.0 contain an improper neutralization of special elements used in an OS command vulnerability. This vulnerability may allow an authenticated user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE privileges to escalate privileges. | 6.0 | AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H |
CVE-2021-21550 | Dell EMC PowerScale OneFS 8.1.0-9.1.0 contain an improper neutralization of special elements used in an OS command vulnerability. This vulnerability may allow an authenticated user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE privileges to escalate privileges. | 6.0 | AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H |
CVE(s) Addressed | Affected Version(s) | Updated Version(s) | Link to Update |
CVE-2021-21527 | 9.0.0.x | Upgrade your version of OneFS | PowerScale Download Area |
9.1.0.x | Download and install the April RUP | ||
CVE-2021-21550 | 8.1.1, 8.2.1, and 9.0.0.x | Upgrade your version of OneFS | |
8.1.2, 8.2.2, and 9.1.0.x | Download and install the April RUP |
CVE(s) Addressed | Affected Version(s) | Updated Version(s) | Link to Update |
CVE-2021-21527 | 9.0.0.x | Upgrade your version of OneFS | PowerScale Download Area |
9.1.0.x | Download and install the April RUP | ||
CVE-2021-21550 | 8.1.1, 8.2.1, and 9.0.0.x | Upgrade your version of OneFS | |
8.1.2, 8.2.2, and 9.1.0.x | Download and install the April RUP |
CVE ID | Workaround(s) or Mitigation(s) |
CVE-2021-21527 | None. Note: This only is a concern if you have enabled SmartLock Compliance Mode. |
CVE-2021-21550 | None Note: This only is a concern if you have enabled SmartLock Compliance Mode. |
Revision | Date | Description |
1.0 | 2021-05-03 | Initial Release |
Product Security Information
03 May 2021
Dell Security Advisory