Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.7
Dell PowerScale OneFS: Local Attackers Can Gain Unauthorized Access
CVE-2026-21423
Summary
Dell PowerScale OneFS storage systems have a default security setting that makes it easy for someone with a lot of system access to do things they shouldn't. This could allow them to access sensitive information, disrupt the system, or even take control of it. To fix this, update your PowerScale OneFS to version 9.10.1.6 or later, or version 9.12.0.2 or later.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| dell | powerscale_onefs | <= 9.10.1.6 | – |
| dell | powerscale_onefs | > 9.11.0.0 , <= 9.13.0.0 | – |
Original title
Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1, contains an incorrect default permissions vulnerability. A high privileged attacker with local access could...
Original description
Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1, contains an incorrect default permissions vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to code execution, denial of service, elevation of privileges, and information disclosure.
nvd CVSS3.1
6.7
Vulnerability type
CWE-276
Incorrect Default Permissions
Published: 4 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026