Insufficient Logging

CVE-2024-24901

Low

3/10

Summary

Dell PowerScale OneFS 8.2.x through 9.6.0.x contain an insufficient logging vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability, causing audit messages lost and not recorded for a specific time period.

Attack Complexity: HIGH
Attack Vector: LOCAL
Integrity Impact: LOW
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: HIGH
Confidentiality Impact: NONE
Availability Impact: LOW

CWE-778 - Insufficient Logging

When a security-critical event occurs, the software either does not record the event or omits important details about the event when logging it.

References

Advisory Timeline

Published Mar 04, 2024

Insufficient Logging

CVE-2024-24901

Summary

CWE-778 - Insufficient Logging

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS