Impact
Critical
Details
Proprietary Code CVE(s) | Description | CVSS Base Score | CVSS Vector String |
CVE-2021-21527 | Dell EMC PowerScale OneFS 8.1.0-9.1.0 contain an improper neutralization of special elements used in an OS command vulnerability. This vulnerability may allow an authenticated user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE privileges to escalate privileges. | 6.0 | AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H |
CVE-2021-21550 | Dell EMC PowerScale OneFS 8.1.0-9.1.0 contain an improper neutralization of special elements used in an OS command vulnerability. This vulnerability may allow an authenticated user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE privileges to escalate privileges. | 6.0 | AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H |
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.
CVE(s) Addressed | Affected Version(s) | Updated Version(s) | Link to Update |
CVE-2021-21527 | 9.0.0.x | Upgrade your version of OneFS | PowerScale Download Area |
CVE-2021-21527 | 9.1.0.x | Download and install the April RUP | PowerScale Download Area |
CVE-2021-21550 | 8.1.1, 8.2.1, and 9.0.0.x | Upgrade your version of OneFS | PowerScale Download Area |
CVE-2021-21550 | 8.1.2, 8.2.2, and 9.1.0.x | Download and install the April RUP | PowerScale Download Area |
Note: The table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
Workarounds & Mitigations
CVE ID | Workaround(s) or Mitigation(s) |
CVE-2021-21527 | None. Note: This is a concern only if you have enabled SmartLock Compliance Mode. |
CVE-2021-21550 | None. Note: This is a concern only if you have enabled SmartLock Compliance Mode. |
Revision History
Revision | Date | Description |
1.0 | 2021-05-03 | Initial Release |
Affected Products
Product Security Information