CVE-2024-25952

MEDIUM Year: 2024
CVSS v3 Score
6.0
Medium
Weakness Type
CWE-61
View all →

Vulnerability Description

Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an UNIX symbolic link (symlink) following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to denial of service, information tampering.

Related Vulnerabilities

CVE-2024-25953

MEDIUM
CVSS:6.0(Medium)

Dell PowerScale OneFS versions 9.4.0.x through 9.7.0.x contains an UNIX symbolic link (symlink) following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, ...

CWE-612024

CVE-2025-30485

MEDIUM
CVSS:6.2(Medium)

UNIX symbolic link (Symlink) following issue exists in FutureNet NXR series, VXR series and WXR series routers. Attaching to the affected product an external storage containing malicious symbolic link...

CWE-612025

CVE-2019-11251

MEDIUM
CVSS:5.7(Medium)

The Kubernetes kubectl cp command in versions 1.1-1.12, and versions prior to 1.13.11, 1.14.7, and 1.15.4 allows a combination of two symlinks provided by tar output of a malicious container to place ...

CWE-612019

CVE-2024-39578

MEDIUM
CVSS:6.3(Medium)

Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.1 contains a UNIX symbolic link (symlink) following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, l...

CWE-612024

CVE-2019-11246

MEDIUM
CVSS:6.4(Medium)

The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over th...

CWE-612019

CVE-2019-16775

MEDIUM
CVSS:6.5(Medium)

Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It is possible for packages to create symlinks to files outside of thenode_modules folder through the bin field upon ...

CWE-612019