CVE-2024-25952

CVSS 3.1 Score 6.0 of 10 (medium)

Details

Published Mar 28, 2024

CWE ID 61

Summary

CVE-2024-25952 is a vulnerability affecting Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x. This issue involves a UNIX symbolic link following vulnerability, allowing a local high privileged attacker to manipulate links, potentially resulting in denial of service or information tampering. The attacker can exploit this flaw by creating a symbolic link to a restricted directory or file, deceiving the system into granting access to unauthorized areas. This vulnerability could lead to disruptions in service and potential exposure of sensitive data, emphasizing the importance of timely patches and secure configuration management.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/ugD2Lh
https://www.cve.org/CVERecord?id=CVE-2024-25952
https://nvd.nist.gov/vuln/detail/CVE-2024-25952

Back to Vulnerability Database

CVE-2024-25952

CVSS 3.1 Score 6.0 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations