June 4, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Bitter APT Group – Active IOCs
May 29, 2024
MeterPreter Malware – Active IOCs
May 30, 2024
Bitter APT Group – Active IOCs
May 29, 2024
MeterPreter Malware – Active IOCs
May 30, 2024
Severity
Medium
Analysis Summary
CVE-2024-25966 CVSS:5.3
Dell PowerScale OneFS is vulnerable to a denial of service, caused by an improper handling of unexpected data type vulnerability. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-25970 CVSS:6.5
Dell PowerScale OneFS could provide weaker than expected security, caused by an improper input validation vulnerability. A remote authenticated attacker could exploit this vulnerability to loss of integrity.
CVE-2024-25969 CVSS:6.2
Dell PowerScale OneFS is vulnerable to a denial of service, caused by an allocation of resources without limits or throttling vulnerability. By sending a specially crafted request, a local attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-25965 CVSS:6.1
Dell PowerScale OneFS is vulnerable to a denial of service, caused by an external control of file name or path vulnerability. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-25967 CVSS:6.7
Dell PowerScale OneFS could allow a local authenticated attacker to gain elevated privileges on the system, caused by an execution with unnecessary privileges vulnerability. By sending a specially crafted request, an attacker could exploit this vulnerability to escalate privileges.
CVE-2024-25968 CVSS:5.9
Dell PowerScale OneFS could allow a remote attacker to obtain sensitive information, caused by a use of a broken or risky cryptographic algorithm vulnerability. By sending a specially crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information.
Impact
- Denial of Service
- Gain Access
- Privilege Escalation
- Information Disclosure
Indicators of Compromise
CVE
- CVE-2024-25966
- CVE-2024-25970
- CVE-2024-25969
- CVE-2024-25965
- CVE-2024-25967
- CVE-2024-25968
Affected Vendors
Dell
Affected Products
- Dell PowerScale OneFS 9.7.0.1
- Dell PowerScale OneFS 9.7.0.2
Remediation
Refer to Dell Security Advisory for patch, upgrade or suggested workaround information.
