CVE-2024-39578

MEDIUM Year: 2024
CVSS v3 Score
6.3
Medium
Weakness Type
CWE-61
View all →

Vulnerability Description

Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.1 contains a UNIX symbolic link (symlink) following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to denial of service, information tampering.

Related Vulnerabilities

CVE-2025-30485

MEDIUM
CVSS:6.2(Medium)

UNIX symbolic link (Symlink) following issue exists in FutureNet NXR series, VXR series and WXR series routers. Attaching to the affected product an external storage containing malicious symbolic link...

CWE-612025

CVE-2019-11246

MEDIUM
CVSS:6.4(Medium)

The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over th...

CWE-612019

CVE-2019-16775

MEDIUM
CVSS:6.5(Medium)

Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It is possible for packages to create symlinks to files outside of thenode_modules folder through the bin field upon ...

CWE-612019

CVE-2021-1145

MEDIUM
CVSS:6.5(Medium)

A vulnerability in the Secure FTP (SFTP) of Cisco StarOS for Cisco ASR 5000 Series Routers could allow an authenticated, remote attacker to read arbitrary files on an affected device. To exploit this ...

CWE-612021

CVE-2021-32508

MEDIUM
CVSS:6.5(Medium)

Absolute Path Traversal vulnerability in FileStreaming in QSAN Storage Manager allows remote authenticated attackers access arbitrary files by injecting the Symbolic Link following the Url path parame...

CWE-612021

CVE-2021-32509

MEDIUM
CVSS:6.5(Medium)

Absolute Path Traversal vulnerability in FileviewDoc in QSAN Storage Manager allows remote authenticated attackers access arbitrary files by injecting the Symbolic Link following the Url path paramete...

CWE-612021