Zero Day MonitorZDM

← Back to list

6.6

CVE-2026-27102PATCHED

dell · powerscale onefs

CVE-2026-27102: Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.1.6 and versions 9.11.0.0 through 9.13.0.1, contains an incorrect p

Description

Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.1.6 and versions 9.11.0.0 through 9.13.0.1, contains an incorrect privilege assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges.

Affected Products

Vendor	Product	Versions
dell	powerscale onefs	0

References

https://www.dell.com/support/kbdoc/en-us/000449337/dsa-2026-125-security-update-for-dell-powerscale-onefs-multiple-vulnerabilities(vendor-advisory)

Related News (2 articles)

Tier C

VulDB2d ago

CVE-2026-27102 | Dell PowerScale OneFS up to 9.5.0.0/9.10.1.6/9.11.0.0/9.13.0.1 privileges assignment (dsa-2026-125)

→ No new info (linked only)

Tier B

BSI Advisories3d ago

[NEU] [mittel] Dell PowerScale OneFS: Mehrere Schwachstellen

→ No new info (linked only)

CVSS 3.16.6 MEDIUM

VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

CISA KEV❌ No

Actively exploited❌ No

Patch available

9.10.1.7 or later

CWECWE-266

PublishedApr 8, 2026

Trending Score29

Source articles2

Independent2

Info Completeness0/14

Missing: cve_id, title, description, vendor, product, versions, cvss, epss, cwe, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

MEDIUMCVE-2026-24511

CVE-2026-24511: Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.1.6 and versions 9.11.0.0 through 9.13.0.0, contains a generation o

HIGHCVE-2026-28261

CVE-2026-28261: Dell Elastic Cloud Storage, version 3.8.1.7 and prior, and Dell ObjectScale, versions prior to 4.1.0.3 and version 4.2.0

HIGHCVE-2026-22768

CVE-2026-22768: Dell AppSync, version(s) 4.6.0, contain(s) an Incorrect Permission Assignment for Critical Resource vulnerability. A low

LOWCVE-2026-28264

CVE-2026-28264: Dell PowerProtect Agent Service, version(s) prior to 20.1, contain(s) an Incorrect Permission Assignment for Critical Re

MEDIUMCVE-2026-27101

CVE-2026-27101: Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application version(s) 5.28.00.xx to 5.32.00.xx, contain(s) an Impro

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Apr 8, 2026

Discovered by ZDM

Apr 8, 2026

Patch Available

Apr 9, 2026