CVEs-PoC/2021/CVE-2021-21594.md

### [CVE-2021-21594](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21594)
![](https://img.shields.io/static/v1?label=Product&message=PowerScale%20OneFS&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%208.2.2%20-%209.1.0.x%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-598%3A%20Information%20Exposure%20Through%20Query%20Strings%20in%20GET%20Request&color=brighgreen)

### Description

Dell PowerScale OneFS versions 8.2.2 - 9.1.0.x contain a use of get request method with sensitive query strings vulnerability. It can lead to potential disclosure of sensitive data. Dell recommends upgrading at your earliest opportunity.

### POC

#### Reference
- https://www.dell.com/support/kbdoc/000190408

#### Github
No PoCs found on GitHub currently.