CVE-2025-30101

Published: May 8, 2025Modified: May 16, 2025

6.3

Vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H

Exploitability: 1.0 / Impact: 5.2

Source: NVD

Description

Dell PowerScale OneFS, versions 9.8.0.0 through 9.10.1.0, contain a time-of-check time-of-use (TOCTOU) race condition vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to denial of service and information tampering.

Affected (1)

Products: Dell: Powerscale Onefs

1 product

Powerscale Onefs

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Dell Powerscale Onefs	From 9.8.0.0 to 9.10.1.2

Related CWEs

Time-of-check Time-of-use (TOCTOU) Race Condition

The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check. This can cause the product to perform invalid actions when the resource is in an unexpected state.

References (1)

https://www.dell.com/support/kbdoc/en-us/000317419/dsa-2025-192-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities

Source: security_alert@emc.com

Vendor Advisory

Timeline

No history available yet.