CVE-2026-22281
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2026-01-22
Last updated on: 2026-01-28
Assigner: Dell
Description
Description
Dell PowerScale OneFS, versions 9.5.0.0 through 9.5.1.5, versions 9.6.0.0 through 9.7.1.10, versions 9.8.0.0 through 9.10.1.3, versions starting from 9.11.0.0 and prior to 9.13.0.0, contains a Time-of-check Time-of-use (TOCTOU) race condition vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to denial of service.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| dell | powerscale_onefs | From 9.5.0.0 (inc) to 9.5.1.6 (exc) |
| dell | powerscale_onefs | From 9.6.0.0 (inc) to 9.7.1.11 (exc) |
| dell | powerscale_onefs | From 9.8.0.0 (inc) to 9.10.1.4 (exc) |
| dell | powerscale_onefs | From 9.11.0.0 (inc) to 9.13.0.0 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-367 | The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Time-of-check Time-of-use (TOCTOU) race condition in Dell PowerScale OneFS software versions from 9.5.0.0 through prior to 9.13.0.0. It allows a low privileged attacker with adjacent network access to potentially exploit the timing issue between checking a condition and using a resource, which can lead to unexpected behavior.
How can this vulnerability impact me? :
Exploitation of this vulnerability could lead to a denial of service condition, meaning the affected system or service could become unavailable or disrupted.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70