Security Advisory

CVE-2021-21599

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-08-16 22:00:28
Last updated 2024-09-17 03:19:01
Assigner dell
State PUBLISHED

Description

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.1.x contain an OS command injection vulnerability. This may allow a user with ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE to escalate privileges and escape the compliance guarantees. This only impacts Smartlock WORM compliance mode clusters as a critical vulnerability and Dell recommends to update/upgrade at the earliest opportunity.