CVE-2025-23378

Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.0, contains an exposure of information through directory listing vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to information disclosure.

CVSS v3 3.3 LOW

3.3^/10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 1.4

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://www.dell.com/support/kbdoc/en-us/000300860/dsa-2025-119-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities

Configurations

No configuration.

History

11 Apr 2025, 15:40

Type	Values Removed	Values Added
Summary		(es) Dell PowerScale OneFS, versiones 9.4.0.0 a 9.10.0.0, contiene una exposición de información a través de una vulnerabilidad de listado de directorios. Un atacante con pocos privilegios y acceso local podría potencialmente explotar esta vulnerabilidad, lo que llevaría a la divulgación de información.

10 Apr 2025, 03:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-04-10 03:15

Updated : 2025-04-11 15:40

NVD link : CVE-2025-23378

Mitre link : CVE-2025-23378

CVE.ORG link : CVE-2025-23378

JSON object : View

Products Affected

No product.

CWE

CWE-548

Exposure of Information Through Directory Listing

3.3 /10