Search criteria
45 vulnerabilities found for isilon_onefs by emc
FKIE_CVE-2018-11071
Vulnerability from fkie_nvd - Published: 2018-09-18 21:29 - Updated: 2024-11-21 03:42
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Dell EMC Isilon OneFS versions 7.1.1.x, 7.2.1.x, 8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x prior to 8.1.2 and Dell EMC IsilonSD Edge versions 8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x prior to 8.1.2 contain a remote process crash vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to crash the isi_drive_d process by sending specially crafted input data to the affected system. This process will then be restarted.
References
| URL | Tags | ||
|---|---|---|---|
| security_alert@emc.com | https://seclists.org/fulldisclosure/2018/Sep/19 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://seclists.org/fulldisclosure/2018/Sep/19 | Mailing List, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| emc | isilon_onefs | * | |
| emc | isilon_onefs | * | |
| emc | isilon_onefs | * | |
| emc | isilon_onefs | * | |
| emc | isilon_onefs | * | |
| emc | isilon_onefs | * | |
| emc | isilonsd_edge | * | |
| emc | isilonsd_edge | * | |
| emc | isilonsd_edge | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:isilon_onefs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98C525FA-697D-4AF5-8A80-F0E4B1575E25",
"versionEndIncluding": "7.1.1.11",
"versionStartIncluding": "7.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:isilon_onefs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF1F007-6FBD-4DB0-A56F-E26300F7AC01",
"versionEndIncluding": "7.2.1.6",
"versionStartIncluding": "7.2.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:isilon_onefs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7FF9CA79-AE5A-4A3C-8CBA-2191980FF5F3",
"versionEndIncluding": "8.0.0.7",
"versionStartIncluding": "8.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:isilon_onefs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0C8483F6-75D7-45A0-8B0D-70EE763377D7",
"versionEndIncluding": "8.0.1.2",
"versionStartIncluding": "8.0.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:isilon_onefs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BBD5515-4B05-4614-BEF4-58D123999337",
"versionEndIncluding": "8.1.0.4",
"versionStartIncluding": "8.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:isilon_onefs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "084B14F0-EA61-4DF0-8FA0-04DCB023DD30",
"versionEndIncluding": "8.1.2.0",
"versionStartIncluding": "8.1.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:isilonsd_edge:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB115F03-CEDF-46F3-8E22-C5E09646AA77",
"versionEndIncluding": "8.0.0.7",
"versionStartIncluding": "8.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:isilonsd_edge:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA731C5B-3B7B-4584-A296-84D71BD782D6",
"versionEndIncluding": "8.0.1.2",
"versionStartIncluding": "8.0.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:isilonsd_edge:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5879393-387E-4096-9F15-8A5B3B4824CD",
"versionEndExcluding": "8.1.2.0",
"versionStartIncluding": "8.1.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Dell EMC Isilon OneFS versions 7.1.1.x, 7.2.1.x, 8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x prior to 8.1.2 and Dell EMC IsilonSD Edge versions 8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x prior to 8.1.2 contain a remote process crash vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to crash the isi_drive_d process by sending specially crafted input data to the affected system. This process will then be restarted."
},
{
"lang": "es",
"value": "Dell EMC Isilon OneFS en versiones 7.1.1.x, 7.2.1.x, 8.0.0.x, 8.0.1.x, 8.1.0.x y 8.1.x anteriores a la 8.1.2; y Dell EMC IsilonSD Edge en versiones 8.0.0.x, 8.0.1.x, 8.1.0.x y 8.1.x anteriores a la 8.1.2 contienen una vulnerabilidad de cierre inesperado del proceso remoto. Un atacante remoto no autenticado podr\u00eda explotar esta vulnerabilidad para provocar el cierre inesperado del proceso isi_drive_d mediante el env\u00edo de datos de entrada especialmente manipulados al sistema afectado. El proceso se reiniciar\u00e1 posteriormente."
}
],
"id": "CVE-2018-11071",
"lastModified": "2024-11-21T03:42:37.277",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "security_alert@emc.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-09-18T21:29:02.010",
"references": [
{
"source": "security_alert@emc.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/fulldisclosure/2018/Sep/19"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/fulldisclosure/2018/Sep/19"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-14387
Vulnerability from fkie_nvd - Published: 2017-12-20 23:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
The NFS service in EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, and 8.0.0.0 - 8.0.0.4 maintains default NFS export settings (including the NFS export security flavor for authentication) that can be leveraged by current and future NFS exports. This NFS service contained a flaw that did not properly propagate changes made to the default security flavor to all new and existing NFS exports that are configured to use default NFS export settings and that are mounted after those changes are made. This flaw may potentially allow NFS clients to access affected NFS exports using the default and potentially weaker security flavor even if a more secure one was selected to be used by the OneFS administrator, aka an "NFS Export Security Setting Fallback Vulnerability."
References
| URL | Tags | ||
|---|---|---|---|
| security_alert@emc.com | http://seclists.org/fulldisclosure/2017/Dec/78 | Issue Tracking, Mailing List, Third Party Advisory | |
| security_alert@emc.com | http://www.securityfocus.com/bid/102292 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2017/Dec/78 | Issue Tracking, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/102292 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| emc | isilon_onefs | 8.0.0.0 | |
| emc | isilon_onefs | 8.0.0.1 | |
| emc | isilon_onefs | 8.0.0.2 | |
| emc | isilon_onefs | 8.0.0.3 | |
| emc | isilon_onefs | 8.0.0.4 | |
| emc | isilon_onefs | 8.0.1.0 | |
| emc | isilon_onefs | 8.0.1.1 | |
| emc | isilon_onefs | 8.1.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:8.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB53E775-7A57-41D2-A93D-5F96D72622D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A17F44A3-8C09-49EE-8545-51C57F36B801",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DCE2CA2E-BFAD-4D87-BAAA-DA63C88F38D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "11DF0A4B-702E-4E6B-AD2D-086F76B6DBB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:8.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "80042980-E2BB-49F0-A3DB-BE22ECF820C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:8.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B3BD02-4CA9-4D00-A5B5-F3EBB7DACDEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:8.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "217B6DC1-07E4-4A1E-8867-85C258778E5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:8.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "847B0C10-6DCA-49FE-836C-F547B573A647",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The NFS service in EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, and 8.0.0.0 - 8.0.0.4 maintains default NFS export settings (including the NFS export security flavor for authentication) that can be leveraged by current and future NFS exports. This NFS service contained a flaw that did not properly propagate changes made to the default security flavor to all new and existing NFS exports that are configured to use default NFS export settings and that are mounted after those changes are made. This flaw may potentially allow NFS clients to access affected NFS exports using the default and potentially weaker security flavor even if a more secure one was selected to be used by the OneFS administrator, aka an \"NFS Export Security Setting Fallback Vulnerability.\""
},
{
"lang": "es",
"value": "El servicio NFS en EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1 y 8.0.0.0 - 8.0.0.4 mantiene las opciones de exportaci\u00f3n NFS por defecto (incluyendo la parte especifica de seguridad del \"NFS export\" para autenticaci\u00f3n) que puede aprovecharse para exportaciones NFS actuales y futuras. El servicio NFS conten\u00eda un error que no propagaba correctamente los cambios realizados en la parte espec\u00edfica de seguridad para todas las exportaciones NFS nuevas y existentes que est\u00e1n configuradas para emplear opciones de exportaci\u00f3n NFS por defecto y est\u00e1n montadas una vez se han realizado esos cambios. Este error podr\u00eda permitir que clientes NFS accedan a exportaciones NFS afectadas empleando la parte espec\u00edfica de seguridad por defecto y, potencialmente, m\u00e1s d\u00e9bil, incluso aunque se haya seleccionado una m\u00e1s segura para ser empleada por el administrador OneFS. Esto tambi\u00e9n se conoce como \"NFS Export Security Setting Fallback Vulnerability\"."
}
],
"id": "CVE-2017-14387",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-12-20T23:29:00.297",
"references": [
{
"source": "security_alert@emc.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2017/Dec/78"
},
{
"source": "security_alert@emc.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102292"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2017/Dec/78"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102292"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-14380
Vulnerability from fkie_nvd - Published: 2017-12-13 20:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
In EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, 8.0.0.0 - 8.0.0.4, 7.2.1.0 - 7.2.1.5, 7.2.0.x, and 7.1.1.x, a malicious compliance admin (compadmin) account user could exploit a vulnerability in isi_get_itrace or isi_get_profile maintenance scripts to run any shell script as system root on a cluster in compliance mode. This could potentially lead to an elevation of privilege for the compadmin user and violate compliance mode.
References
| URL | Tags | ||
|---|---|---|---|
| security_alert@emc.com | http://seclists.org/fulldisclosure/2017/Dec/41 | Mailing List, Third Party Advisory | |
| security_alert@emc.com | http://www.securityfocus.com/bid/102210 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2017/Dec/41 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/102210 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| emc | isilon_onefs | 7.1.1.0 | |
| emc | isilon_onefs | 7.1.1.1 | |
| emc | isilon_onefs | 7.1.1.2 | |
| emc | isilon_onefs | 7.1.1.3 | |
| emc | isilon_onefs | 7.1.1.4 | |
| emc | isilon_onefs | 7.1.1.5 | |
| emc | isilon_onefs | 7.2.0.0 | |
| emc | isilon_onefs | 7.2.0.1 | |
| emc | isilon_onefs | 7.2.0.2 | |
| emc | isilon_onefs | 7.2.0.3 | |
| emc | isilon_onefs | 7.2.0.4 | |
| emc | isilon_onefs | 7.2.0.5 | |
| emc | isilon_onefs | 7.2.1.0 | |
| emc | isilon_onefs | 7.2.1.1 | |
| emc | isilon_onefs | 7.2.1.2 | |
| emc | isilon_onefs | 7.2.1.3 | |
| emc | isilon_onefs | 7.2.1.4 | |
| emc | isilon_onefs | 7.2.1.5 | |
| emc | isilon_onefs | 8.0.0.0 | |
| emc | isilon_onefs | 8.0.0.1 | |
| emc | isilon_onefs | 8.0.0.2 | |
| emc | isilon_onefs | 8.0.0.3 | |
| emc | isilon_onefs | 8.0.0.4 | |
| emc | isilon_onefs | 8.0.1.0 | |
| emc | isilon_onefs | 8.0.1.1 | |
| emc | isilon_onefs | 8.1.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEDB97FE-6470-4AFE-A3B0-B664F132A190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A669BE6B-726F-4F34-A009-798E32FF6895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4AE74624-A44D-4837-AD36-DBF3E93D5ED9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "47CBA2E5-6E46-4922-B56B-3F8C578074B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "90C22C93-9069-406E-9A14-03F20AD34D11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CDD30754-489E-42BA-8B51-1FEB5DC30912",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8AF3E1-FE57-40B9-95DD-4E4C8EB578CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7F551F88-3176-4E92-AE7A-FCAB3A220A45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "26144325-6722-48C1-A0C2-BB78EF9BDE60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B87E8EEE-42AA-48B3-ABBE-9CE7FD2C275B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6F09B14D-2C84-47F2-8F7F-6F8DAEFFF106",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5F6E200D-49D6-492C-8B38-CBED90CA8118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10B1B998-AEEE-4123-82F3-72D84EF681DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0828B061-28B4-4AEE-BBB9-AF287B90713C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "064C487D-517E-4F7B-A182-5DF287477652",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D1600B1F-C307-457B-BC84-73339A64DF8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CE2687A1-97EC-4777-9CC1-164D525C56E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "08C3C4C1-505B-4171-831B-7FD7EB34B45C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:8.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB53E775-7A57-41D2-A93D-5F96D72622D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A17F44A3-8C09-49EE-8545-51C57F36B801",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DCE2CA2E-BFAD-4D87-BAAA-DA63C88F38D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "11DF0A4B-702E-4E6B-AD2D-086F76B6DBB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:8.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "80042980-E2BB-49F0-A3DB-BE22ECF820C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:8.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B3BD02-4CA9-4D00-A5B5-F3EBB7DACDEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:8.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "217B6DC1-07E4-4A1E-8867-85C258778E5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:8.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "847B0C10-6DCA-49FE-836C-F547B573A647",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, 8.0.0.0 - 8.0.0.4, 7.2.1.0 - 7.2.1.5, 7.2.0.x, and 7.1.1.x, a malicious compliance admin (compadmin) account user could exploit a vulnerability in isi_get_itrace or isi_get_profile maintenance scripts to run any shell script as system root on a cluster in compliance mode. This could potentially lead to an elevation of privilege for the compadmin user and violate compliance mode."
},
{
"lang": "es",
"value": "En EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, 8.0.0.0 - 8.0.0.4, 7.2.1.0 - 7.2.1.5, 7.2.0.x y 7.1.1.x, un usuario con una cuenta de compliance admin (compadmin) puede explotar una vulnerabilidad en los scripts de mantenimiento isi_get_itrace o isi_get_profile para ejecutar cualquier script shell como root del sistema en un cl\u00faster en modo compliance. Esto podr\u00eda conducir a una elevaci\u00f3n de privilegios para el usuario compadmin y vulnerar el modo compliance."
}
],
"id": "CVE-2017-14380",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-12-13T20:29:00.207",
"references": [
{
"source": "security_alert@emc.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2017/Dec/41"
},
{
"source": "security_alert@emc.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102210"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2017/Dec/41"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102210"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-8024
Vulnerability from fkie_nvd - Published: 2017-10-18 09:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
EMC Isilon OneFS (versions prior to 8.1.0.1, versions prior to 8.0.1.2, versions prior to 8.0.0.6, version 7.2.1.x) is impacted by a reflected cross-site scripting vulnerability that may potentially be exploited by malicious users to compromise the affected system.
References
| URL | Tags | ||
|---|---|---|---|
| security_alert@emc.com | http://seclists.org/fulldisclosure/2017/Oct/34 | Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2017/Oct/34 | Mailing List, Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| emc | isilon_onefs | 7.2.1.0 | |
| emc | isilon_onefs | 7.2.1.1 | |
| emc | isilon_onefs | 7.2.1.2 | |
| emc | isilon_onefs | 7.2.1.3 | |
| emc | isilon_onefs | 7.2.1.4 | |
| emc | isilon_onefs | 7.2.1.5 | |
| emc | isilon_onefs | 7.2.1.6 | |
| emc | isilon_onefs | * | |
| emc | isilon_onefs | * | |
| emc | isilon_onefs | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10B1B998-AEEE-4123-82F3-72D84EF681DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0828B061-28B4-4AEE-BBB9-AF287B90713C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "064C487D-517E-4F7B-A182-5DF287477652",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D1600B1F-C307-457B-BC84-73339A64DF8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CE2687A1-97EC-4777-9CC1-164D525C56E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "08C3C4C1-505B-4171-831B-7FD7EB34B45C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "EAE48C73-7CFE-454F-A4EF-0B12C49FD993",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "356662DF-BE65-4CFD-9BE3-353BAC206693",
"versionEndIncluding": "8.1.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A91B9F8-9096-49BB-BC41-358595C12EAA",
"versionEndIncluding": "8.0.0.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "133E612C-59F3-4B4A-AD3F-74D179176A8F",
"versionEndIncluding": "8.0.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "EMC Isilon OneFS (versions prior to 8.1.0.1, versions prior to 8.0.1.2, versions prior to 8.0.0.6, version 7.2.1.x) is impacted by a reflected cross-site scripting vulnerability that may potentially be exploited by malicious users to compromise the affected system."
},
{
"lang": "es",
"value": "EMC Isilon OneFS (versiones anteriores a la 8.1.0.1, 8.0.1.2 y 8.0.0.6 y en versiones 7.2.1.x) se ha visto afectado por una vulnerabilidad de Cross-Site Scripting reflejado que podr\u00eda ser explotada por usuarios maliciosos para comprometer el sistema afectado."
}
],
"id": "CVE-2017-8024",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-18T09:29:00.190",
"references": [
{
"source": "security_alert@emc.com",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2017/Oct/34"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2017/Oct/34"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-4988
Vulnerability from fkie_nvd - Published: 2017-06-21 20:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
EMC Isilon OneFS 8.0.1.0, 8.0.0 - 8.0.0.3, 7.2.0 - 7.2.1.4, 7.1.x is affected by a privilege escalation vulnerability that could potentially be exploited by attackers to compromise the affected system.
References
| URL | Tags | ||
|---|---|---|---|
| security_alert@emc.com | http://www.securityfocus.com/archive/1/540755/30/0/threaded | Third Party Advisory, VDB Entry | |
| security_alert@emc.com | http://www.securityfocus.com/bid/99165 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/540755/30/0/threaded | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/99165 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| emc | isilon_onefs | 7.1.0.0 | |
| emc | isilon_onefs | 7.1.0.5 | |
| emc | isilon_onefs | 7.1.0.6 | |
| emc | isilon_onefs | 7.1.1.0 | |
| emc | isilon_onefs | 7.1.1.1 | |
| emc | isilon_onefs | 7.1.1.2 | |
| emc | isilon_onefs | 7.1.1.3 | |
| emc | isilon_onefs | 7.1.1.4 | |
| emc | isilon_onefs | 7.1.1.5 | |
| emc | isilon_onefs | 7.1.1.6 | |
| emc | isilon_onefs | 7.1.1.7 | |
| emc | isilon_onefs | 7.1.1.8 | |
| emc | isilon_onefs | 7.1.1.9 | |
| emc | isilon_onefs | 7.1.1.10 | |
| emc | isilon_onefs | 7.1.1.11 | |
| emc | isilon_onefs | 7.2.0.0 | |
| emc | isilon_onefs | 7.2.0.1 | |
| emc | isilon_onefs | 7.2.0.2 | |
| emc | isilon_onefs | 7.2.0.3 | |
| emc | isilon_onefs | 7.2.0.4 | |
| emc | isilon_onefs | 7.2.1.0 | |
| emc | isilon_onefs | 7.2.1.1 | |
| emc | isilon_onefs | 7.2.1.2 | |
| emc | isilon_onefs | 7.2.1.3 | |
| emc | isilon_onefs | 7.2.1.4 | |
| emc | isilon_onefs | 8.0.0.0 | |
| emc | isilon_onefs | 8.0.0.1 | |
| emc | isilon_onefs | 8.0.0.2 | |
| emc | isilon_onefs | 8.0.0.3 | |
| emc | isilon_onefs | 8.0.1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD6F32C-BC12-455D-9C78-F6485C72582E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E706E435-8E45-4ACB-8BBC-5AC458378D4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3FE2D48E-39E8-42E6-8E82-AB9FA0547BAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEDB97FE-6470-4AFE-A3B0-B664F132A190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A669BE6B-726F-4F34-A009-798E32FF6895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4AE74624-A44D-4837-AD36-DBF3E93D5ED9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "47CBA2E5-6E46-4922-B56B-3F8C578074B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "90C22C93-9069-406E-9A14-03F20AD34D11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CDD30754-489E-42BA-8B51-1FEB5DC30912",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D92501AC-0588-4051-9568-52074E8A2D33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F7407DAA-7740-45B0-BA99-03794C8B1215",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F7E804DB-40F0-4FBF-8A85-A49767DC4022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "D645B5EF-4333-48BF-960A-03AA2D624376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "302422CE-3C0A-44E6-83ED-51EC65482B40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "81B96819-9F4D-44D4-9645-48EB8E705121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8AF3E1-FE57-40B9-95DD-4E4C8EB578CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7F551F88-3176-4E92-AE7A-FCAB3A220A45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "26144325-6722-48C1-A0C2-BB78EF9BDE60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B87E8EEE-42AA-48B3-ABBE-9CE7FD2C275B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6F09B14D-2C84-47F2-8F7F-6F8DAEFFF106",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10B1B998-AEEE-4123-82F3-72D84EF681DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0828B061-28B4-4AEE-BBB9-AF287B90713C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "064C487D-517E-4F7B-A182-5DF287477652",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D1600B1F-C307-457B-BC84-73339A64DF8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CE2687A1-97EC-4777-9CC1-164D525C56E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:8.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB53E775-7A57-41D2-A93D-5F96D72622D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A17F44A3-8C09-49EE-8545-51C57F36B801",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DCE2CA2E-BFAD-4D87-BAAA-DA63C88F38D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "11DF0A4B-702E-4E6B-AD2D-086F76B6DBB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:8.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B3BD02-4CA9-4D00-A5B5-F3EBB7DACDEF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "EMC Isilon OneFS 8.0.1.0, 8.0.0 - 8.0.0.3, 7.2.0 - 7.2.1.4, 7.1.x is affected by a privilege escalation vulnerability that could potentially be exploited by attackers to compromise the affected system."
},
{
"lang": "es",
"value": "EMC Isilon OneFS en versiones 8.0.1.0, 8.0.0 - 8.0.0.3, 7.2.0 - 7.2.1.4 y 7.1.x se ha visto afectado por una vulnerabilidad de escalado de privilegios que podr\u00eda ser explotada por atacantes para comprometer el sistema afectado."
}
],
"id": "CVE-2017-4988",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-06-21T20:29:00.283",
"references": [
{
"source": "security_alert@emc.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/540755/30/0/threaded"
},
{
"source": "security_alert@emc.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99165"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/540755/30/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99165"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-4979
Vulnerability from fkie_nvd - Published: 2017-05-19 15:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
EMC Isilon OneFS 8.0.1.0, OneFS 8.0.0.0 - 8.0.0.2, OneFS 7.2.1.0 - 7.2.1.3, and OneFS 7.2.0.x is affected by an NFS export vulnerability. Under certain conditions, after upgrading a cluster from OneFS 7.1.1.x or earlier, users may have unexpected levels of access to some NFS exports.
References
| URL | Tags | ||
|---|---|---|---|
| security_alert@emc.com | http://www.securityfocus.com/archive/1/540551/30/0/threaded | Mitigation, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/540551/30/0/threaded | Mitigation, Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| emc | isilon_onefs | 7.2.0.0 | |
| emc | isilon_onefs | 7.2.0.1 | |
| emc | isilon_onefs | 7.2.0.2 | |
| emc | isilon_onefs | 7.2.1.0 | |
| emc | isilon_onefs | 7.2.1.1 | |
| emc | isilon_onefs | 7.2.1.2 | |
| emc | isilon_onefs | 7.2.1.3 | |
| emc | isilon_onefs | 8.0.0.0 | |
| emc | isilon_onefs | 8.0.0.1 | |
| emc | isilon_onefs | 8.0.0.2 | |
| emc | isilon_onefs | 8.0.1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8AF3E1-FE57-40B9-95DD-4E4C8EB578CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7F551F88-3176-4E92-AE7A-FCAB3A220A45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "26144325-6722-48C1-A0C2-BB78EF9BDE60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10B1B998-AEEE-4123-82F3-72D84EF681DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0828B061-28B4-4AEE-BBB9-AF287B90713C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "064C487D-517E-4F7B-A182-5DF287477652",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D1600B1F-C307-457B-BC84-73339A64DF8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:8.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB53E775-7A57-41D2-A93D-5F96D72622D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A17F44A3-8C09-49EE-8545-51C57F36B801",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DCE2CA2E-BFAD-4D87-BAAA-DA63C88F38D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:8.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B3BD02-4CA9-4D00-A5B5-F3EBB7DACDEF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "EMC Isilon OneFS 8.0.1.0, OneFS 8.0.0.0 - 8.0.0.2, OneFS 7.2.1.0 - 7.2.1.3, and OneFS 7.2.0.x is affected by an NFS export vulnerability. Under certain conditions, after upgrading a cluster from OneFS 7.1.1.x or earlier, users may have unexpected levels of access to some NFS exports."
},
{
"lang": "es",
"value": "Isilon OneFS versi\u00f3n 8.0.1.0, OneFS versiones 8.0.0.0 - 8.0.0.2, OneFS versiones 7.2.1.0 - 7.2.1.3 y OneFS versiones 7.2.0.x de EMC, est\u00e1n afectadas por una vulnerabilidad de exportaci\u00f3n de NFS. Bajo ciertas condiciones, despu\u00e9s de actualizar un cl\u00faster desde OneFS versi\u00f3n 7.1.1.x o anteriores, los usuarios pueden tener niveles inesperados de acceso a algunas exportaciones de NFS."
}
],
"id": "CVE-2017-4979",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-05-19T15:29:00.257",
"references": [
{
"source": "security_alert@emc.com",
"tags": [
"Mitigation",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/540551/30/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/540551/30/0/threaded"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-4980
Vulnerability from fkie_nvd - Published: 2017-03-29 21:59 - Updated: 2025-04-20 01:37
Severity ?
Summary
EMC Isilon OneFS is affected by a path traversal vulnerability that may potentially be exploited by attackers to compromise the affected system. Affected versions are 7.1.0 - 7.1.1.10, 7.2.0 - 7.2.1.3, and 8.0.0 - 8.0.0.1.
References
| URL | Tags | ||
|---|---|---|---|
| security_alert@emc.com | http://www.securityfocus.com/archive/1/540338/30/0/threaded | Third Party Advisory, VDB Entry | |
| security_alert@emc.com | http://www.securityfocus.com/bid/97222 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/540338/30/0/threaded | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97222 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| emc | isilon_onefs | 7.1.0.5 | |
| emc | isilon_onefs | 7.1.0.6 | |
| emc | isilon_onefs | 7.1.1.0 | |
| emc | isilon_onefs | 7.1.1.1 | |
| emc | isilon_onefs | 7.1.1.2 | |
| emc | isilon_onefs | 7.1.1.3 | |
| emc | isilon_onefs | 7.1.1.4 | |
| emc | isilon_onefs | 7.1.1.5 | |
| emc | isilon_onefs | 7.1.1.6 | |
| emc | isilon_onefs | 7.1.1.7 | |
| emc | isilon_onefs | 7.1.1.8 | |
| emc | isilon_onefs | 7.1.1.9 | |
| emc | isilon_onefs | 7.1.1.10 | |
| emc | isilon_onefs | 7.2.0.0 | |
| emc | isilon_onefs | 7.2.0.1 | |
| emc | isilon_onefs | 7.2.0.2 | |
| emc | isilon_onefs | 7.2.0.3 | |
| emc | isilon_onefs | 7.2.0.4 | |
| emc | isilon_onefs | 7.2.1.0 | |
| emc | isilon_onefs | 7.2.1.1 | |
| emc | isilon_onefs | 7.2.1.2 | |
| emc | isilon_onefs | 7.2.1.3 | |
| emc | isilon_onefs | 8.0.0.0 | |
| emc | isilon_onefs | 8.0.0.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E706E435-8E45-4ACB-8BBC-5AC458378D4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3FE2D48E-39E8-42E6-8E82-AB9FA0547BAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEDB97FE-6470-4AFE-A3B0-B664F132A190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A669BE6B-726F-4F34-A009-798E32FF6895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4AE74624-A44D-4837-AD36-DBF3E93D5ED9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "47CBA2E5-6E46-4922-B56B-3F8C578074B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "90C22C93-9069-406E-9A14-03F20AD34D11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CDD30754-489E-42BA-8B51-1FEB5DC30912",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D92501AC-0588-4051-9568-52074E8A2D33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F7407DAA-7740-45B0-BA99-03794C8B1215",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F7E804DB-40F0-4FBF-8A85-A49767DC4022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "D645B5EF-4333-48BF-960A-03AA2D624376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "302422CE-3C0A-44E6-83ED-51EC65482B40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8AF3E1-FE57-40B9-95DD-4E4C8EB578CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7F551F88-3176-4E92-AE7A-FCAB3A220A45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "26144325-6722-48C1-A0C2-BB78EF9BDE60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B87E8EEE-42AA-48B3-ABBE-9CE7FD2C275B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6F09B14D-2C84-47F2-8F7F-6F8DAEFFF106",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10B1B998-AEEE-4123-82F3-72D84EF681DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0828B061-28B4-4AEE-BBB9-AF287B90713C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "064C487D-517E-4F7B-A182-5DF287477652",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D1600B1F-C307-457B-BC84-73339A64DF8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:8.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB53E775-7A57-41D2-A93D-5F96D72622D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A17F44A3-8C09-49EE-8545-51C57F36B801",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "EMC Isilon OneFS is affected by a path traversal vulnerability that may potentially be exploited by attackers to compromise the affected system. Affected versions are 7.1.0 - 7.1.1.10, 7.2.0 - 7.2.1.3, and 8.0.0 - 8.0.0.1."
},
{
"lang": "es",
"value": "EMC Isilon OneFS es afectada por una vulnerabilidad de recorrido transversal que potencialmente puede ser explotada por los atacantes para comprometer el sistema afectado. Las versiones afectadas son 7.1.0 - 7.1.1.10, 7.2.0 - 7.2.1.3 y 8.0.0 - 8.0.0.1."
}
],
"id": "CVE-2017-4980",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-29T21:59:00.177",
"references": [
{
"source": "security_alert@emc.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/540338/30/0/threaded"
},
{
"source": "security_alert@emc.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97222"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/540338/30/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97222"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-9871
Vulnerability from fkie_nvd - Published: 2017-02-03 07:59 - Updated: 2025-04-20 01:37
Severity ?
Summary
EMC Isilon OneFS 7.2.1.0 - 7.2.1.3, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, EMC Isilon OneFS 7.1.0.x is affected by a privilege escalation vulnerability that could potentially be exploited by attackers to compromise the affected system.
References
| URL | Tags | ||
|---|---|---|---|
| security_alert@emc.com | http://www.securityfocus.com/archive/1/540050/30/0/threaded | Mailing List, Third Party Advisory | |
| security_alert@emc.com | http://www.securityfocus.com/bid/95800 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/540050/30/0/threaded | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/95800 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| emc | isilon_onefs | 7.1.0.0 | |
| emc | isilon_onefs | 7.1.0.5 | |
| emc | isilon_onefs | 7.1.0.6 | |
| emc | isilon_onefs | 7.1.1.0 | |
| emc | isilon_onefs | 7.1.1.1 | |
| emc | isilon_onefs | 7.1.1.2 | |
| emc | isilon_onefs | 7.1.1.3 | |
| emc | isilon_onefs | 7.1.1.4 | |
| emc | isilon_onefs | 7.1.1.5 | |
| emc | isilon_onefs | 7.1.1.6 | |
| emc | isilon_onefs | 7.1.1.7 | |
| emc | isilon_onefs | 7.1.1.8 | |
| emc | isilon_onefs | 7.1.1.9 | |
| emc | isilon_onefs | 7.1.1.10 | |
| emc | isilon_onefs | 7.2.0.0 | |
| emc | isilon_onefs | 7.2.0.1 | |
| emc | isilon_onefs | 7.2.0.2 | |
| emc | isilon_onefs | 7.2.0.3 | |
| emc | isilon_onefs | 7.2.0.4 | |
| emc | isilon_onefs | 7.2.1.0 | |
| emc | isilon_onefs | 7.2.1.1 | |
| emc | isilon_onefs | 7.2.1.2 | |
| emc | isilon_onefs | 7.2.1.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD6F32C-BC12-455D-9C78-F6485C72582E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E706E435-8E45-4ACB-8BBC-5AC458378D4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3FE2D48E-39E8-42E6-8E82-AB9FA0547BAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEDB97FE-6470-4AFE-A3B0-B664F132A190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A669BE6B-726F-4F34-A009-798E32FF6895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4AE74624-A44D-4837-AD36-DBF3E93D5ED9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "47CBA2E5-6E46-4922-B56B-3F8C578074B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "90C22C93-9069-406E-9A14-03F20AD34D11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CDD30754-489E-42BA-8B51-1FEB5DC30912",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D92501AC-0588-4051-9568-52074E8A2D33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F7407DAA-7740-45B0-BA99-03794C8B1215",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F7E804DB-40F0-4FBF-8A85-A49767DC4022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "D645B5EF-4333-48BF-960A-03AA2D624376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "302422CE-3C0A-44E6-83ED-51EC65482B40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8AF3E1-FE57-40B9-95DD-4E4C8EB578CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7F551F88-3176-4E92-AE7A-FCAB3A220A45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "26144325-6722-48C1-A0C2-BB78EF9BDE60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B87E8EEE-42AA-48B3-ABBE-9CE7FD2C275B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6F09B14D-2C84-47F2-8F7F-6F8DAEFFF106",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10B1B998-AEEE-4123-82F3-72D84EF681DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0828B061-28B4-4AEE-BBB9-AF287B90713C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "064C487D-517E-4F7B-A182-5DF287477652",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D1600B1F-C307-457B-BC84-73339A64DF8D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "EMC Isilon OneFS 7.2.1.0 - 7.2.1.3, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, EMC Isilon OneFS 7.1.0.x is affected by a privilege escalation vulnerability that could potentially be exploited by attackers to compromise the affected system."
},
{
"lang": "es",
"value": "EMC Isilon OneFS 7.1.0.x, EMC Isilon OneFS 7.1.0.10, EMC Isilon OneFS 7.1.0.x se ve afectada por una vulnerabilidad de escalada de privilegios que podr\u00eda ser potencialmente explotada por los atacantes para comprometer el sistema afectado."
}
],
"id": "CVE-2016-9871",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-03T07:59:00.467",
"references": [
{
"source": "security_alert@emc.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.securityfocus.com/archive/1/540050/30/0/threaded"
},
{
"source": "security_alert@emc.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95800"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.securityfocus.com/archive/1/540050/30/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95800"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-9870
Vulnerability from fkie_nvd - Published: 2017-01-23 07:59 - Updated: 2025-04-20 01:37
Severity ?
Summary
EMC Isilon OneFS 8.0.0.0, EMC Isilon OneFS 7.2.1.0 - 7.2.1.2, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, and EMC Isilon OneFS 7.1.0.x is affected by an LDAP injection vulnerability that could potentially be exploited by a malicious user to compromise the system.
References
| URL | Tags | ||
|---|---|---|---|
| security_alert@emc.com | http://www.securityfocus.com/archive/1/540020/30/0/threaded | Mitigation, Third Party Advisory, VDB Entry | |
| security_alert@emc.com | http://www.securityfocus.com/bid/95626 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/540020/30/0/threaded | Mitigation, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/95626 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| emc | isilon_onefs | 7.1.0.0 | |
| emc | isilon_onefs | 7.1.0.1 | |
| emc | isilon_onefs | 7.1.0.2 | |
| emc | isilon_onefs | 7.1.0.3 | |
| emc | isilon_onefs | 7.1.0.4 | |
| emc | isilon_onefs | 7.1.0.5 | |
| emc | isilon_onefs | 7.1.0.6 | |
| emc | isilon_onefs | 7.1.1.0 | |
| emc | isilon_onefs | 7.1.1.1 | |
| emc | isilon_onefs | 7.1.1.2 | |
| emc | isilon_onefs | 7.1.1.3 | |
| emc | isilon_onefs | 7.1.1.4 | |
| emc | isilon_onefs | 7.1.1.5 | |
| emc | isilon_onefs | 7.1.1.6 | |
| emc | isilon_onefs | 7.1.1.7 | |
| emc | isilon_onefs | 7.1.1.8 | |
| emc | isilon_onefs | 7.2.0.0 | |
| emc | isilon_onefs | 7.2.0.1 | |
| emc | isilon_onefs | 7.2.0.2 | |
| emc | isilon_onefs | 7.2.0.3 | |
| emc | isilon_onefs | 7.2.0.4 | |
| emc | isilon_onefs | 7.2.0.5 | |
| emc | isilon_onefs | 7.2.1.0 | |
| emc | isilon_onefs | 7.2.1.1 | |
| emc | isilon_onefs | 7.2.1.2 | |
| emc | isilon_onefs | 8.0.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD6F32C-BC12-455D-9C78-F6485C72582E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6521D899-186D-4200-96A2-C8137D6D8975",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "542839DF-EF0F-4B14-B56D-FBC0FE4D2787",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B78EA29B-CD7A-4C9D-9B0C-E6888BEC82C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A7A42792-B156-45D3-9A22-C45FFCF652DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E706E435-8E45-4ACB-8BBC-5AC458378D4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3FE2D48E-39E8-42E6-8E82-AB9FA0547BAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEDB97FE-6470-4AFE-A3B0-B664F132A190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A669BE6B-726F-4F34-A009-798E32FF6895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4AE74624-A44D-4837-AD36-DBF3E93D5ED9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "47CBA2E5-6E46-4922-B56B-3F8C578074B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "90C22C93-9069-406E-9A14-03F20AD34D11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CDD30754-489E-42BA-8B51-1FEB5DC30912",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D92501AC-0588-4051-9568-52074E8A2D33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F7407DAA-7740-45B0-BA99-03794C8B1215",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F7E804DB-40F0-4FBF-8A85-A49767DC4022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8AF3E1-FE57-40B9-95DD-4E4C8EB578CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7F551F88-3176-4E92-AE7A-FCAB3A220A45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "26144325-6722-48C1-A0C2-BB78EF9BDE60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B87E8EEE-42AA-48B3-ABBE-9CE7FD2C275B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6F09B14D-2C84-47F2-8F7F-6F8DAEFFF106",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5F6E200D-49D6-492C-8B38-CBED90CA8118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10B1B998-AEEE-4123-82F3-72D84EF681DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0828B061-28B4-4AEE-BBB9-AF287B90713C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "064C487D-517E-4F7B-A182-5DF287477652",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:8.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB53E775-7A57-41D2-A93D-5F96D72622D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "EMC Isilon OneFS 8.0.0.0, EMC Isilon OneFS 7.2.1.0 - 7.2.1.2, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, and EMC Isilon OneFS 7.1.0.x is affected by an LDAP injection vulnerability that could potentially be exploited by a malicious user to compromise the system."
},
{
"lang": "es",
"value": "EMC Isilon OneFS 8.0.0.0, EMC Isilon OneFS 7.2.1.0 - 7.2.1.2, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10 y EMC Isilon OneFS 7.1.0.x est\u00e1 afectado por una vulnerabilidad de inyecci\u00f3n LDAP que podr\u00eda ser potencialmente explotable por un usuario malicioso para comprometer el sistema."
}
],
"id": "CVE-2016-9870",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-23T07:59:00.470",
"references": [
{
"source": "security_alert@emc.com",
"tags": [
"Mitigation",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/540020/30/0/threaded"
},
{
"source": "security_alert@emc.com",
"url": "http://www.securityfocus.com/bid/95626"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/540020/30/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95626"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-90"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-0908
Vulnerability from fkie_nvd - Published: 2016-06-04 01:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
EMC Isilon OneFS 7.1.x before 7.1.1.9 and 7.2.x before 7.2.1.2 allows local users to obtain root shell access by leveraging administrative privileges.
References
| URL | Tags | ||
|---|---|---|---|
| security_alert@emc.com | http://seclists.org/bugtraq/2016/Jun/13 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/bugtraq/2016/Jun/13 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| emc | isilon_onefs | 7.1.0.0 | |
| emc | isilon_onefs | 7.1.0.1 | |
| emc | isilon_onefs | 7.1.0.2 | |
| emc | isilon_onefs | 7.1.0.3 | |
| emc | isilon_onefs | 7.1.0.4 | |
| emc | isilon_onefs | 7.1.0.5 | |
| emc | isilon_onefs | 7.1.0.6 | |
| emc | isilon_onefs | 7.1.1.0 | |
| emc | isilon_onefs | 7.1.1.1 | |
| emc | isilon_onefs | 7.1.1.2 | |
| emc | isilon_onefs | 7.1.1.3 | |
| emc | isilon_onefs | 7.1.1.4 | |
| emc | isilon_onefs | 7.1.1.5 | |
| emc | isilon_onefs | 7.1.1.6 | |
| emc | isilon_onefs | 7.1.1.7 | |
| emc | isilon_onefs | 7.1.1.8 | |
| emc | isilon_onefs | 7.2.0.0 | |
| emc | isilon_onefs | 7.2.0.1 | |
| emc | isilon_onefs | 7.2.0.2 | |
| emc | isilon_onefs | 7.2.0.3 | |
| emc | isilon_onefs | 7.2.0.4 | |
| emc | isilon_onefs | 7.2.0.5 | |
| emc | isilon_onefs | 7.2.1.0 | |
| emc | isilon_onefs | 7.2.1.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD6F32C-BC12-455D-9C78-F6485C72582E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6521D899-186D-4200-96A2-C8137D6D8975",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "542839DF-EF0F-4B14-B56D-FBC0FE4D2787",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B78EA29B-CD7A-4C9D-9B0C-E6888BEC82C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A7A42792-B156-45D3-9A22-C45FFCF652DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E706E435-8E45-4ACB-8BBC-5AC458378D4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3FE2D48E-39E8-42E6-8E82-AB9FA0547BAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEDB97FE-6470-4AFE-A3B0-B664F132A190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A669BE6B-726F-4F34-A009-798E32FF6895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4AE74624-A44D-4837-AD36-DBF3E93D5ED9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "47CBA2E5-6E46-4922-B56B-3F8C578074B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "90C22C93-9069-406E-9A14-03F20AD34D11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CDD30754-489E-42BA-8B51-1FEB5DC30912",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D92501AC-0588-4051-9568-52074E8A2D33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F7407DAA-7740-45B0-BA99-03794C8B1215",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F7E804DB-40F0-4FBF-8A85-A49767DC4022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8AF3E1-FE57-40B9-95DD-4E4C8EB578CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7F551F88-3176-4E92-AE7A-FCAB3A220A45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "26144325-6722-48C1-A0C2-BB78EF9BDE60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B87E8EEE-42AA-48B3-ABBE-9CE7FD2C275B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6F09B14D-2C84-47F2-8F7F-6F8DAEFFF106",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5F6E200D-49D6-492C-8B38-CBED90CA8118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10B1B998-AEEE-4123-82F3-72D84EF681DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0828B061-28B4-4AEE-BBB9-AF287B90713C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "EMC Isilon OneFS 7.1.x before 7.1.1.9 and 7.2.x before 7.2.1.2 allows local users to obtain root shell access by leveraging administrative privileges."
},
{
"lang": "es",
"value": "EMC Isilon OneFS 7.1.x en versiones anteriores a 7.1.1.9 y 7.2.x en versiones anteriores a 7.2.1.2 permite a usuarios locales obtener acceso root al shell aprovechando privilegios administrativos."
}
],
"id": "CVE-2016-0908",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.1,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-04T01:59:01.597",
"references": [
{
"source": "security_alert@emc.com",
"tags": [
"Third Party Advisory"
],
"url": "http://seclists.org/bugtraq/2016/Jun/13"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://seclists.org/bugtraq/2016/Jun/13"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2018-11071 (GCVE-0-2018-11071)
Vulnerability from cvelistv5 – Published: 2018-09-18 21:00 – Updated: 2024-08-05 07:54
VLAI?
Title
DSA-2018-147: Dell EMC Isilon OneFS and IsilonSD Edge Remote Process Crash Vulnerability
Summary
Dell EMC Isilon OneFS versions 7.1.1.x, 7.2.1.x, 8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x prior to 8.1.2 and Dell EMC IsilonSD Edge versions 8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x prior to 8.1.2 contain a remote process crash vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to crash the isi_drive_d process by sending specially crafted input data to the affected system. This process will then be restarted.
Severity ?
7.5 (High)
CWE
- remote process crash vulnerability
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Dell EMC | Isilon OneFS |
Affected:
7.1.1.x, 7.2.1.x, 8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x , < 8.1.2
(custom)
|
|||||||
|
|||||||||
Credits
Dell EMC would like to thank Honggang Ren of Fortinet's FortiGuard Labs for reporting this vulnerability.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:54:36.649Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20180914 DSA-2018-147: Dell EMC Isilon OneFS and IsilonSD Edge Remote Process Crash Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "https://seclists.org/fulldisclosure/2018/Sep/19"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Isilon OneFS",
"vendor": "Dell EMC",
"versions": [
{
"lessThan": "8.1.2 ",
"status": "affected",
"version": "7.1.1.x, 7.2.1.x, 8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x",
"versionType": "custom"
}
]
},
{
"product": "IsilonSD Edge",
"vendor": "Dell EMC",
"versions": [
{
"lessThan": "8.1.2 ",
"status": "affected",
"version": "8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Dell EMC would like to thank Honggang Ren of Fortinet\u0027s FortiGuard Labs for reporting this vulnerability."
}
],
"datePublic": "2018-09-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Dell EMC Isilon OneFS versions 7.1.1.x, 7.2.1.x, 8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x prior to 8.1.2 and Dell EMC IsilonSD Edge versions 8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x prior to 8.1.2 contain a remote process crash vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to crash the isi_drive_d process by sending specially crafted input data to the affected system. This process will then be restarted."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote process crash vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-18T20:57:01",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"name": "20180914 DSA-2018-147: Dell EMC Isilon OneFS and IsilonSD Edge Remote Process Crash Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "https://seclists.org/fulldisclosure/2018/Sep/19"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "DSA-2018-147: Dell EMC Isilon OneFS and IsilonSD Edge Remote Process Crash Vulnerability ",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2018-11071",
"STATE": "PUBLIC",
"TITLE": "DSA-2018-147: Dell EMC Isilon OneFS and IsilonSD Edge Remote Process Crash Vulnerability "
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Isilon OneFS",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "7.1.1.x, 7.2.1.x, 8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x",
"version_value": "8.1.2 "
}
]
}
},
{
"product_name": "IsilonSD Edge",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x",
"version_value": "8.1.2 "
}
]
}
}
]
},
"vendor_name": "Dell EMC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Dell EMC would like to thank Honggang Ren of Fortinet\u0027s FortiGuard Labs for reporting this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dell EMC Isilon OneFS versions 7.1.1.x, 7.2.1.x, 8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x prior to 8.1.2 and Dell EMC IsilonSD Edge versions 8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x prior to 8.1.2 contain a remote process crash vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to crash the isi_drive_d process by sending specially crafted input data to the affected system. This process will then be restarted."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote process crash vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20180914 DSA-2018-147: Dell EMC Isilon OneFS and IsilonSD Edge Remote Process Crash Vulnerability",
"refsource": "FULLDISC",
"url": "https://seclists.org/fulldisclosure/2018/Sep/19"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2018-11071",
"datePublished": "2018-09-18T21:00:00",
"dateReserved": "2018-05-14T00:00:00",
"dateUpdated": "2024-08-05T07:54:36.649Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-14387 (GCVE-0-2017-14387)
Vulnerability from cvelistv5 – Published: 2017-12-20 23:00 – Updated: 2024-08-05 19:27
VLAI?
Summary
The NFS service in EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, and 8.0.0.0 - 8.0.0.4 maintains default NFS export settings (including the NFS export security flavor for authentication) that can be leveraged by current and future NFS exports. This NFS service contained a flaw that did not properly propagate changes made to the default security flavor to all new and existing NFS exports that are configured to use default NFS export settings and that are mounted after those changes are made. This flaw may potentially allow NFS clients to access affected NFS exports using the default and potentially weaker security flavor even if a more secure one was selected to be used by the OneFS administrator, aka an "NFS Export Security Setting Fallback Vulnerability."
Severity ?
No CVSS data available.
CWE
- NFS Export Security Setting Fallback Vulnerability
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMC Isilon OneFS EMC Isilon OneFS 8.1.0.0, EMC Isilon OneFS 8.0.1.0 -- 8.0.1.1, EMC Isilon OneFS 8.0.0.0 8.0.0.4 |
Affected:
EMC Isilon OneFS EMC Isilon OneFS 8.1.0.0, EMC Isilon OneFS 8.0.1.0 -- 8.0.1.1, EMC Isilon OneFS 8.0.0.0 8.0.0.4
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:27:40.832Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2017/Dec/78"
},
{
"name": "102292",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102292"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMC Isilon OneFS EMC Isilon OneFS 8.1.0.0, EMC Isilon OneFS 8.0.1.0 -- 8.0.1.1, EMC Isilon OneFS 8.0.0.0 8.0.0.4",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMC Isilon OneFS EMC Isilon OneFS 8.1.0.0, EMC Isilon OneFS 8.0.1.0 -- 8.0.1.1, EMC Isilon OneFS 8.0.0.0 8.0.0.4"
}
]
}
],
"datePublic": "2017-12-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The NFS service in EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, and 8.0.0.0 - 8.0.0.4 maintains default NFS export settings (including the NFS export security flavor for authentication) that can be leveraged by current and future NFS exports. This NFS service contained a flaw that did not properly propagate changes made to the default security flavor to all new and existing NFS exports that are configured to use default NFS export settings and that are mounted after those changes are made. This flaw may potentially allow NFS clients to access affected NFS exports using the default and potentially weaker security flavor even if a more secure one was selected to be used by the OneFS administrator, aka an \"NFS Export Security Setting Fallback Vulnerability.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "NFS Export Security Setting Fallback Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-29T10:57:01",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://seclists.org/fulldisclosure/2017/Dec/78"
},
{
"name": "102292",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102292"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2017-14387",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMC Isilon OneFS EMC Isilon OneFS 8.1.0.0, EMC Isilon OneFS 8.0.1.0 -- 8.0.1.1, EMC Isilon OneFS 8.0.0.0 8.0.0.4",
"version": {
"version_data": [
{
"version_value": "EMC Isilon OneFS EMC Isilon OneFS 8.1.0.0, EMC Isilon OneFS 8.0.1.0 -- 8.0.1.1, EMC Isilon OneFS 8.0.0.0 8.0.0.4"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The NFS service in EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, and 8.0.0.0 - 8.0.0.4 maintains default NFS export settings (including the NFS export security flavor for authentication) that can be leveraged by current and future NFS exports. This NFS service contained a flaw that did not properly propagate changes made to the default security flavor to all new and existing NFS exports that are configured to use default NFS export settings and that are mounted after those changes are made. This flaw may potentially allow NFS clients to access affected NFS exports using the default and potentially weaker security flavor even if a more secure one was selected to be used by the OneFS administrator, aka an \"NFS Export Security Setting Fallback Vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NFS Export Security Setting Fallback Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://seclists.org/fulldisclosure/2017/Dec/78",
"refsource": "CONFIRM",
"url": "http://seclists.org/fulldisclosure/2017/Dec/78"
},
{
"name": "102292",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102292"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2017-14387",
"datePublished": "2017-12-20T23:00:00",
"dateReserved": "2017-09-12T00:00:00",
"dateUpdated": "2024-08-05T19:27:40.832Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-14380 (GCVE-0-2017-14380)
Vulnerability from cvelistv5 – Published: 2017-12-13 20:00 – Updated: 2024-08-05 19:27
VLAI?
Summary
In EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, 8.0.0.0 - 8.0.0.4, 7.2.1.0 - 7.2.1.5, 7.2.0.x, and 7.1.1.x, a malicious compliance admin (compadmin) account user could exploit a vulnerability in isi_get_itrace or isi_get_profile maintenance scripts to run any shell script as system root on a cluster in compliance mode. This could potentially lead to an elevation of privilege for the compadmin user and violate compliance mode.
Severity ?
No CVSS data available.
CWE
- Privilege Escalation Vulnerability
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMC Isilon OneFS 8.1.0.0, 8.0.1.0 8.0.1.1, 8.0.0.0 - 8.0.0.4, 7.2.1.0 - 7.2.1.5, 7.2.0.x, 7.1.1.x |
Affected:
EMC Isilon OneFS 8.1.0.0, 8.0.1.0 8.0.1.1, 8.0.0.0 - 8.0.0.4, 7.2.1.0 - 7.2.1.5, 7.2.0.x, 7.1.1.x
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:27:40.598Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2017/Dec/41"
},
{
"name": "102210",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102210"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMC Isilon OneFS 8.1.0.0, 8.0.1.0 8.0.1.1, 8.0.0.0 - 8.0.0.4, 7.2.1.0 - 7.2.1.5, 7.2.0.x, 7.1.1.x",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMC Isilon OneFS 8.1.0.0, 8.0.1.0 8.0.1.1, 8.0.0.0 - 8.0.0.4, 7.2.1.0 - 7.2.1.5, 7.2.0.x, 7.1.1.x"
}
]
}
],
"datePublic": "2017-12-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, 8.0.0.0 - 8.0.0.4, 7.2.1.0 - 7.2.1.5, 7.2.0.x, and 7.1.1.x, a malicious compliance admin (compadmin) account user could exploit a vulnerability in isi_get_itrace or isi_get_profile maintenance scripts to run any shell script as system root on a cluster in compliance mode. This could potentially lead to an elevation of privilege for the compadmin user and violate compliance mode."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege Escalation Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-19T10:57:01",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://seclists.org/fulldisclosure/2017/Dec/41"
},
{
"name": "102210",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102210"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2017-14380",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMC Isilon OneFS 8.1.0.0, 8.0.1.0 8.0.1.1, 8.0.0.0 - 8.0.0.4, 7.2.1.0 - 7.2.1.5, 7.2.0.x, 7.1.1.x",
"version": {
"version_data": [
{
"version_value": "EMC Isilon OneFS 8.1.0.0, 8.0.1.0 8.0.1.1, 8.0.0.0 - 8.0.0.4, 7.2.1.0 - 7.2.1.5, 7.2.0.x, 7.1.1.x"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, 8.0.0.0 - 8.0.0.4, 7.2.1.0 - 7.2.1.5, 7.2.0.x, and 7.1.1.x, a malicious compliance admin (compadmin) account user could exploit a vulnerability in isi_get_itrace or isi_get_profile maintenance scripts to run any shell script as system root on a cluster in compliance mode. This could potentially lead to an elevation of privilege for the compadmin user and violate compliance mode."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege Escalation Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://seclists.org/fulldisclosure/2017/Dec/41",
"refsource": "CONFIRM",
"url": "http://seclists.org/fulldisclosure/2017/Dec/41"
},
{
"name": "102210",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102210"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2017-14380",
"datePublished": "2017-12-13T20:00:00",
"dateReserved": "2017-09-12T00:00:00",
"dateUpdated": "2024-08-05T19:27:40.598Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-8024 (GCVE-0-2017-8024)
Vulnerability from cvelistv5 – Published: 2017-10-18 09:00 – Updated: 2024-08-05 16:19
VLAI?
Summary
EMC Isilon OneFS (versions prior to 8.1.0.1, versions prior to 8.0.1.2, versions prior to 8.0.0.6, version 7.2.1.x) is impacted by a reflected cross-site scripting vulnerability that may potentially be exploited by malicious users to compromise the affected system.
Severity ?
No CVSS data available.
CWE
- Reflected Cross Site Scripting Vulnerability
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMC Isilon OneFS EMC Isilon OneFS versions prior to 8.1.0.1, EMC Isilon OneFS versions prior to 8.0.1.2, EMC Isilon OneFS versions prior to 8.0.0.6, EMC Isilon OneFS 7.2.1.x |
Affected:
EMC Isilon OneFS EMC Isilon OneFS versions prior to 8.1.0.1, EMC Isilon OneFS versions prior to 8.0.1.2, EMC Isilon OneFS versions prior to 8.0.0.6, EMC Isilon OneFS 7.2.1.x
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:19:29.769Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2017/Oct/34"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMC Isilon OneFS EMC Isilon OneFS versions prior to 8.1.0.1, EMC Isilon OneFS versions prior to 8.0.1.2, EMC Isilon OneFS versions prior to 8.0.0.6, EMC Isilon OneFS 7.2.1.x",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMC Isilon OneFS EMC Isilon OneFS versions prior to 8.1.0.1, EMC Isilon OneFS versions prior to 8.0.1.2, EMC Isilon OneFS versions prior to 8.0.0.6, EMC Isilon OneFS 7.2.1.x"
}
]
}
],
"datePublic": "2017-10-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "EMC Isilon OneFS (versions prior to 8.1.0.1, versions prior to 8.0.1.2, versions prior to 8.0.0.6, version 7.2.1.x) is impacted by a reflected cross-site scripting vulnerability that may potentially be exploited by malicious users to compromise the affected system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Reflected Cross Site Scripting Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-18T08:57:01",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://seclists.org/fulldisclosure/2017/Oct/34"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2017-8024",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMC Isilon OneFS EMC Isilon OneFS versions prior to 8.1.0.1, EMC Isilon OneFS versions prior to 8.0.1.2, EMC Isilon OneFS versions prior to 8.0.0.6, EMC Isilon OneFS 7.2.1.x",
"version": {
"version_data": [
{
"version_value": "EMC Isilon OneFS EMC Isilon OneFS versions prior to 8.1.0.1, EMC Isilon OneFS versions prior to 8.0.1.2, EMC Isilon OneFS versions prior to 8.0.0.6, EMC Isilon OneFS 7.2.1.x"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "EMC Isilon OneFS (versions prior to 8.1.0.1, versions prior to 8.0.1.2, versions prior to 8.0.0.6, version 7.2.1.x) is impacted by a reflected cross-site scripting vulnerability that may potentially be exploited by malicious users to compromise the affected system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Reflected Cross Site Scripting Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://seclists.org/fulldisclosure/2017/Oct/34",
"refsource": "CONFIRM",
"url": "http://seclists.org/fulldisclosure/2017/Oct/34"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2017-8024",
"datePublished": "2017-10-18T09:00:00",
"dateReserved": "2017-04-21T00:00:00",
"dateUpdated": "2024-08-05T16:19:29.769Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-4988 (GCVE-0-2017-4988)
Vulnerability from cvelistv5 – Published: 2017-06-21 20:00 – Updated: 2024-08-05 14:47
VLAI?
Summary
EMC Isilon OneFS 8.0.1.0, 8.0.0 - 8.0.0.3, 7.2.0 - 7.2.1.4, 7.1.x is affected by a privilege escalation vulnerability that could potentially be exploited by attackers to compromise the affected system.
Severity ?
No CVSS data available.
CWE
- Privilege Escalation Vulnerability
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMC Isilon OneFS 8.0.1.0, 8.0.0 8.0.0.3, 7.2.0 - 7.2.1.4, 7.1.x |
Affected:
EMC Isilon OneFS 8.0.1.0, 8.0.0 8.0.0.3, 7.2.0 - 7.2.1.4, 7.1.x
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:47:44.082Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "99165",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99165"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/540755/30/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMC Isilon OneFS 8.0.1.0, 8.0.0 8.0.0.3, 7.2.0 - 7.2.1.4, 7.1.x",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMC Isilon OneFS 8.0.1.0, 8.0.0 8.0.0.3, 7.2.0 - 7.2.1.4, 7.1.x"
}
]
}
],
"datePublic": "2017-06-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "EMC Isilon OneFS 8.0.1.0, 8.0.0 - 8.0.0.3, 7.2.0 - 7.2.1.4, 7.1.x is affected by a privilege escalation vulnerability that could potentially be exploited by attackers to compromise the affected system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege Escalation Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-22T09:57:01",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"name": "99165",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99165"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.securityfocus.com/archive/1/540755/30/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2017-4988",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMC Isilon OneFS 8.0.1.0, 8.0.0 8.0.0.3, 7.2.0 - 7.2.1.4, 7.1.x",
"version": {
"version_data": [
{
"version_value": "EMC Isilon OneFS 8.0.1.0, 8.0.0 8.0.0.3, 7.2.0 - 7.2.1.4, 7.1.x"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "EMC Isilon OneFS 8.0.1.0, 8.0.0 - 8.0.0.3, 7.2.0 - 7.2.1.4, 7.1.x is affected by a privilege escalation vulnerability that could potentially be exploited by attackers to compromise the affected system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege Escalation Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "99165",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99165"
},
{
"name": "http://www.securityfocus.com/archive/1/540755/30/0/threaded",
"refsource": "CONFIRM",
"url": "http://www.securityfocus.com/archive/1/540755/30/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2017-4988",
"datePublished": "2017-06-21T20:00:00",
"dateReserved": "2016-12-29T00:00:00",
"dateUpdated": "2024-08-05T14:47:44.082Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-4979 (GCVE-0-2017-4979)
Vulnerability from cvelistv5 – Published: 2017-05-19 15:00 – Updated: 2024-08-05 14:47
VLAI?
Summary
EMC Isilon OneFS 8.0.1.0, OneFS 8.0.0.0 - 8.0.0.2, OneFS 7.2.1.0 - 7.2.1.3, and OneFS 7.2.0.x is affected by an NFS export vulnerability. Under certain conditions, after upgrading a cluster from OneFS 7.1.1.x or earlier, users may have unexpected levels of access to some NFS exports.
Severity ?
No CVSS data available.
CWE
- NFS Export Upgrade Vulnerability
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMC Isilon OneFS OneFS 8.0.1.0, OneFS 8.0.0.0 8.0.0.2, OneFS 7.2.1.0 - 7.2.1.3, OneFS 7.2.0.x |
Affected:
EMC Isilon OneFS OneFS 8.0.1.0, OneFS 8.0.0.0 8.0.0.2, OneFS 7.2.1.0 - 7.2.1.3, OneFS 7.2.0.x
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:47:44.041Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/540551/30/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMC Isilon OneFS OneFS 8.0.1.0, OneFS 8.0.0.0 8.0.0.2, OneFS 7.2.1.0 - 7.2.1.3, OneFS 7.2.0.x",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMC Isilon OneFS OneFS 8.0.1.0, OneFS 8.0.0.0 8.0.0.2, OneFS 7.2.1.0 - 7.2.1.3, OneFS 7.2.0.x"
}
]
}
],
"datePublic": "2017-05-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "EMC Isilon OneFS 8.0.1.0, OneFS 8.0.0.0 - 8.0.0.2, OneFS 7.2.1.0 - 7.2.1.3, and OneFS 7.2.0.x is affected by an NFS export vulnerability. Under certain conditions, after upgrading a cluster from OneFS 7.1.1.x or earlier, users may have unexpected levels of access to some NFS exports."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "NFS Export Upgrade Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-05-19T14:57:01",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.securityfocus.com/archive/1/540551/30/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2017-4979",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMC Isilon OneFS OneFS 8.0.1.0, OneFS 8.0.0.0 8.0.0.2, OneFS 7.2.1.0 - 7.2.1.3, OneFS 7.2.0.x",
"version": {
"version_data": [
{
"version_value": "EMC Isilon OneFS OneFS 8.0.1.0, OneFS 8.0.0.0 8.0.0.2, OneFS 7.2.1.0 - 7.2.1.3, OneFS 7.2.0.x"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "EMC Isilon OneFS 8.0.1.0, OneFS 8.0.0.0 - 8.0.0.2, OneFS 7.2.1.0 - 7.2.1.3, and OneFS 7.2.0.x is affected by an NFS export vulnerability. Under certain conditions, after upgrading a cluster from OneFS 7.1.1.x or earlier, users may have unexpected levels of access to some NFS exports."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NFS Export Upgrade Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.securityfocus.com/archive/1/540551/30/0/threaded",
"refsource": "CONFIRM",
"url": "http://www.securityfocus.com/archive/1/540551/30/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2017-4979",
"datePublished": "2017-05-19T15:00:00",
"dateReserved": "2016-12-29T00:00:00",
"dateUpdated": "2024-08-05T14:47:44.041Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-4980 (GCVE-0-2017-4980)
Vulnerability from cvelistv5 – Published: 2017-03-29 21:00 – Updated: 2024-08-05 14:47
VLAI?
Summary
EMC Isilon OneFS is affected by a path traversal vulnerability that may potentially be exploited by attackers to compromise the affected system. Affected versions are 7.1.0 - 7.1.1.10, 7.2.0 - 7.2.1.3, and 8.0.0 - 8.0.0.1.
Severity ?
No CVSS data available.
CWE
- Path Traversal Vulnerability
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMC Isilon OneFS EMC Isilon OneFS 8.0.0 8.0.0.1, EMC Isilon OneFS 7.2.0 - 7.2.1.3, EMC Isilon OneFS 7.1.0 - 7.1.1.10 |
Affected:
EMC Isilon OneFS EMC Isilon OneFS 8.0.0 8.0.0.1, EMC Isilon OneFS 7.2.0 - 7.2.1.3, EMC Isilon OneFS 7.1.0 - 7.1.1.10
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:47:43.817Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "97222",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97222"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/540338/30/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMC Isilon OneFS EMC Isilon OneFS 8.0.0 8.0.0.1, EMC Isilon OneFS 7.2.0 - 7.2.1.3, EMC Isilon OneFS 7.1.0 - 7.1.1.10",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMC Isilon OneFS EMC Isilon OneFS 8.0.0 8.0.0.1, EMC Isilon OneFS 7.2.0 - 7.2.1.3, EMC Isilon OneFS 7.1.0 - 7.1.1.10"
}
]
}
],
"datePublic": "2017-03-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "EMC Isilon OneFS is affected by a path traversal vulnerability that may potentially be exploited by attackers to compromise the affected system. Affected versions are 7.1.0 - 7.1.1.10, 7.2.0 - 7.2.1.3, and 8.0.0 - 8.0.0.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Path Traversal Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-31T09:57:02",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"name": "97222",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97222"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.securityfocus.com/archive/1/540338/30/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2017-4980",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMC Isilon OneFS EMC Isilon OneFS 8.0.0 8.0.0.1, EMC Isilon OneFS 7.2.0 - 7.2.1.3, EMC Isilon OneFS 7.1.0 - 7.1.1.10",
"version": {
"version_data": [
{
"version_value": "EMC Isilon OneFS EMC Isilon OneFS 8.0.0 8.0.0.1, EMC Isilon OneFS 7.2.0 - 7.2.1.3, EMC Isilon OneFS 7.1.0 - 7.1.1.10"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "EMC Isilon OneFS is affected by a path traversal vulnerability that may potentially be exploited by attackers to compromise the affected system. Affected versions are 7.1.0 - 7.1.1.10, 7.2.0 - 7.2.1.3, and 8.0.0 - 8.0.0.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Path Traversal Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "97222",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97222"
},
{
"name": "http://www.securityfocus.com/archive/1/540338/30/0/threaded",
"refsource": "CONFIRM",
"url": "http://www.securityfocus.com/archive/1/540338/30/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2017-4980",
"datePublished": "2017-03-29T21:00:00",
"dateReserved": "2016-12-29T00:00:00",
"dateUpdated": "2024-08-05T14:47:43.817Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9871 (GCVE-0-2016-9871)
Vulnerability from cvelistv5 – Published: 2017-02-03 07:24 – Updated: 2024-08-06 03:07
VLAI?
Summary
EMC Isilon OneFS 7.2.1.0 - 7.2.1.3, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, EMC Isilon OneFS 7.1.0.x is affected by a privilege escalation vulnerability that could potentially be exploited by attackers to compromise the affected system.
Severity ?
No CVSS data available.
CWE
- Privilege Escalation Vulnerability
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMC Isilon OneFS EMC Isilon OneFS 7.2.1.0 7.2.1.3, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, EMC Isilon OneFS 7.1.0.x |
Affected:
EMC Isilon OneFS EMC Isilon OneFS 7.2.1.0 7.2.1.3, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, EMC Isilon OneFS 7.1.0.x
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T03:07:30.796Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95800",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95800"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/540050/30/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMC Isilon OneFS EMC Isilon OneFS 7.2.1.0 7.2.1.3, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, EMC Isilon OneFS 7.1.0.x",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMC Isilon OneFS EMC Isilon OneFS 7.2.1.0 7.2.1.3, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, EMC Isilon OneFS 7.1.0.x"
}
]
}
],
"datePublic": "2017-02-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "EMC Isilon OneFS 7.2.1.0 - 7.2.1.3, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, EMC Isilon OneFS 7.1.0.x is affected by a privilege escalation vulnerability that could potentially be exploited by attackers to compromise the affected system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege Escalation Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-03T10:57:01",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"name": "95800",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95800"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.securityfocus.com/archive/1/540050/30/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2016-9871",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMC Isilon OneFS EMC Isilon OneFS 7.2.1.0 7.2.1.3, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, EMC Isilon OneFS 7.1.0.x",
"version": {
"version_data": [
{
"version_value": "EMC Isilon OneFS EMC Isilon OneFS 7.2.1.0 7.2.1.3, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, EMC Isilon OneFS 7.1.0.x"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "EMC Isilon OneFS 7.2.1.0 - 7.2.1.3, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, EMC Isilon OneFS 7.1.0.x is affected by a privilege escalation vulnerability that could potentially be exploited by attackers to compromise the affected system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege Escalation Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95800",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95800"
},
{
"name": "http://www.securityfocus.com/archive/1/540050/30/0/threaded",
"refsource": "CONFIRM",
"url": "http://www.securityfocus.com/archive/1/540050/30/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2016-9871",
"datePublished": "2017-02-03T07:24:00",
"dateReserved": "2016-12-06T00:00:00",
"dateUpdated": "2024-08-06T03:07:30.796Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9870 (GCVE-0-2016-9870)
Vulnerability from cvelistv5 – Published: 2017-01-23 06:49 – Updated: 2024-08-06 03:07
VLAI?
Summary
EMC Isilon OneFS 8.0.0.0, EMC Isilon OneFS 7.2.1.0 - 7.2.1.2, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, and EMC Isilon OneFS 7.1.0.x is affected by an LDAP injection vulnerability that could potentially be exploited by a malicious user to compromise the system.
Severity ?
No CVSS data available.
CWE
- LDAP Injection
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMC Isilon OneFS |
Affected:
EMC Isilon OneFS
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T03:07:30.140Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/540020/30/0/threaded"
},
{
"name": "95626",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95626"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMC Isilon OneFS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMC Isilon OneFS"
}
]
}
],
"datePublic": "2017-01-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "EMC Isilon OneFS 8.0.0.0, EMC Isilon OneFS 7.2.1.0 - 7.2.1.2, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, and EMC Isilon OneFS 7.1.0.x is affected by an LDAP injection vulnerability that could potentially be exploited by a malicious user to compromise the system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "LDAP Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-23T10:57:01",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.securityfocus.com/archive/1/540020/30/0/threaded"
},
{
"name": "95626",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95626"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2016-9870",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMC Isilon OneFS",
"version": {
"version_data": [
{
"version_value": "EMC Isilon OneFS"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "EMC Isilon OneFS 8.0.0.0, EMC Isilon OneFS 7.2.1.0 - 7.2.1.2, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, and EMC Isilon OneFS 7.1.0.x is affected by an LDAP injection vulnerability that could potentially be exploited by a malicious user to compromise the system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "LDAP Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.securityfocus.com/archive/1/540020/30/0/threaded",
"refsource": "CONFIRM",
"url": "http://www.securityfocus.com/archive/1/540020/30/0/threaded"
},
{
"name": "95626",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95626"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2016-9870",
"datePublished": "2017-01-23T06:49:00",
"dateReserved": "2016-12-06T00:00:00",
"dateUpdated": "2024-08-06T03:07:30.140Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-0908 (GCVE-0-2016-0908)
Vulnerability from cvelistv5 – Published: 2016-06-04 01:00 – Updated: 2024-08-05 22:38
VLAI?
Summary
EMC Isilon OneFS 7.1.x before 7.1.1.9 and 7.2.x before 7.2.1.2 allows local users to obtain root shell access by leveraging administrative privileges.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.122Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20160602 ESA-2016-060: EMC Isilon OneFS Privilege Escalation Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://seclists.org/bugtraq/2016/Jun/13"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "EMC Isilon OneFS 7.1.x before 7.1.1.9 and 7.2.x before 7.2.1.2 allows local users to obtain root shell access by leveraging administrative privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-09T16:57:01",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"name": "20160602 ESA-2016-060: EMC Isilon OneFS Privilege Escalation Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://seclists.org/bugtraq/2016/Jun/13"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2016-0908",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "EMC Isilon OneFS 7.1.x before 7.1.1.9 and 7.2.x before 7.2.1.2 allows local users to obtain root shell access by leveraging administrative privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20160602 ESA-2016-060: EMC Isilon OneFS Privilege Escalation Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2016/Jun/13"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2016-0908",
"datePublished": "2016-06-04T01:00:00",
"dateReserved": "2015-12-17T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.122Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-11071 (GCVE-0-2018-11071)
Vulnerability from nvd – Published: 2018-09-18 21:00 – Updated: 2024-08-05 07:54
VLAI?
Title
DSA-2018-147: Dell EMC Isilon OneFS and IsilonSD Edge Remote Process Crash Vulnerability
Summary
Dell EMC Isilon OneFS versions 7.1.1.x, 7.2.1.x, 8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x prior to 8.1.2 and Dell EMC IsilonSD Edge versions 8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x prior to 8.1.2 contain a remote process crash vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to crash the isi_drive_d process by sending specially crafted input data to the affected system. This process will then be restarted.
Severity ?
7.5 (High)
CWE
- remote process crash vulnerability
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Dell EMC | Isilon OneFS |
Affected:
7.1.1.x, 7.2.1.x, 8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x , < 8.1.2
(custom)
|
|||||||
|
|||||||||
Credits
Dell EMC would like to thank Honggang Ren of Fortinet's FortiGuard Labs for reporting this vulnerability.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:54:36.649Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20180914 DSA-2018-147: Dell EMC Isilon OneFS and IsilonSD Edge Remote Process Crash Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "https://seclists.org/fulldisclosure/2018/Sep/19"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Isilon OneFS",
"vendor": "Dell EMC",
"versions": [
{
"lessThan": "8.1.2 ",
"status": "affected",
"version": "7.1.1.x, 7.2.1.x, 8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x",
"versionType": "custom"
}
]
},
{
"product": "IsilonSD Edge",
"vendor": "Dell EMC",
"versions": [
{
"lessThan": "8.1.2 ",
"status": "affected",
"version": "8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Dell EMC would like to thank Honggang Ren of Fortinet\u0027s FortiGuard Labs for reporting this vulnerability."
}
],
"datePublic": "2018-09-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Dell EMC Isilon OneFS versions 7.1.1.x, 7.2.1.x, 8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x prior to 8.1.2 and Dell EMC IsilonSD Edge versions 8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x prior to 8.1.2 contain a remote process crash vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to crash the isi_drive_d process by sending specially crafted input data to the affected system. This process will then be restarted."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote process crash vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-18T20:57:01",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"name": "20180914 DSA-2018-147: Dell EMC Isilon OneFS and IsilonSD Edge Remote Process Crash Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "https://seclists.org/fulldisclosure/2018/Sep/19"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "DSA-2018-147: Dell EMC Isilon OneFS and IsilonSD Edge Remote Process Crash Vulnerability ",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2018-11071",
"STATE": "PUBLIC",
"TITLE": "DSA-2018-147: Dell EMC Isilon OneFS and IsilonSD Edge Remote Process Crash Vulnerability "
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Isilon OneFS",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "7.1.1.x, 7.2.1.x, 8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x",
"version_value": "8.1.2 "
}
]
}
},
{
"product_name": "IsilonSD Edge",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x",
"version_value": "8.1.2 "
}
]
}
}
]
},
"vendor_name": "Dell EMC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Dell EMC would like to thank Honggang Ren of Fortinet\u0027s FortiGuard Labs for reporting this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dell EMC Isilon OneFS versions 7.1.1.x, 7.2.1.x, 8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x prior to 8.1.2 and Dell EMC IsilonSD Edge versions 8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x prior to 8.1.2 contain a remote process crash vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to crash the isi_drive_d process by sending specially crafted input data to the affected system. This process will then be restarted."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote process crash vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20180914 DSA-2018-147: Dell EMC Isilon OneFS and IsilonSD Edge Remote Process Crash Vulnerability",
"refsource": "FULLDISC",
"url": "https://seclists.org/fulldisclosure/2018/Sep/19"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2018-11071",
"datePublished": "2018-09-18T21:00:00",
"dateReserved": "2018-05-14T00:00:00",
"dateUpdated": "2024-08-05T07:54:36.649Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-14387 (GCVE-0-2017-14387)
Vulnerability from nvd – Published: 2017-12-20 23:00 – Updated: 2024-08-05 19:27
VLAI?
Summary
The NFS service in EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, and 8.0.0.0 - 8.0.0.4 maintains default NFS export settings (including the NFS export security flavor for authentication) that can be leveraged by current and future NFS exports. This NFS service contained a flaw that did not properly propagate changes made to the default security flavor to all new and existing NFS exports that are configured to use default NFS export settings and that are mounted after those changes are made. This flaw may potentially allow NFS clients to access affected NFS exports using the default and potentially weaker security flavor even if a more secure one was selected to be used by the OneFS administrator, aka an "NFS Export Security Setting Fallback Vulnerability."
Severity ?
No CVSS data available.
CWE
- NFS Export Security Setting Fallback Vulnerability
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMC Isilon OneFS EMC Isilon OneFS 8.1.0.0, EMC Isilon OneFS 8.0.1.0 -- 8.0.1.1, EMC Isilon OneFS 8.0.0.0 8.0.0.4 |
Affected:
EMC Isilon OneFS EMC Isilon OneFS 8.1.0.0, EMC Isilon OneFS 8.0.1.0 -- 8.0.1.1, EMC Isilon OneFS 8.0.0.0 8.0.0.4
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:27:40.832Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2017/Dec/78"
},
{
"name": "102292",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102292"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMC Isilon OneFS EMC Isilon OneFS 8.1.0.0, EMC Isilon OneFS 8.0.1.0 -- 8.0.1.1, EMC Isilon OneFS 8.0.0.0 8.0.0.4",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMC Isilon OneFS EMC Isilon OneFS 8.1.0.0, EMC Isilon OneFS 8.0.1.0 -- 8.0.1.1, EMC Isilon OneFS 8.0.0.0 8.0.0.4"
}
]
}
],
"datePublic": "2017-12-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The NFS service in EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, and 8.0.0.0 - 8.0.0.4 maintains default NFS export settings (including the NFS export security flavor for authentication) that can be leveraged by current and future NFS exports. This NFS service contained a flaw that did not properly propagate changes made to the default security flavor to all new and existing NFS exports that are configured to use default NFS export settings and that are mounted after those changes are made. This flaw may potentially allow NFS clients to access affected NFS exports using the default and potentially weaker security flavor even if a more secure one was selected to be used by the OneFS administrator, aka an \"NFS Export Security Setting Fallback Vulnerability.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "NFS Export Security Setting Fallback Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-29T10:57:01",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://seclists.org/fulldisclosure/2017/Dec/78"
},
{
"name": "102292",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102292"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2017-14387",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMC Isilon OneFS EMC Isilon OneFS 8.1.0.0, EMC Isilon OneFS 8.0.1.0 -- 8.0.1.1, EMC Isilon OneFS 8.0.0.0 8.0.0.4",
"version": {
"version_data": [
{
"version_value": "EMC Isilon OneFS EMC Isilon OneFS 8.1.0.0, EMC Isilon OneFS 8.0.1.0 -- 8.0.1.1, EMC Isilon OneFS 8.0.0.0 8.0.0.4"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The NFS service in EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, and 8.0.0.0 - 8.0.0.4 maintains default NFS export settings (including the NFS export security flavor for authentication) that can be leveraged by current and future NFS exports. This NFS service contained a flaw that did not properly propagate changes made to the default security flavor to all new and existing NFS exports that are configured to use default NFS export settings and that are mounted after those changes are made. This flaw may potentially allow NFS clients to access affected NFS exports using the default and potentially weaker security flavor even if a more secure one was selected to be used by the OneFS administrator, aka an \"NFS Export Security Setting Fallback Vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NFS Export Security Setting Fallback Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://seclists.org/fulldisclosure/2017/Dec/78",
"refsource": "CONFIRM",
"url": "http://seclists.org/fulldisclosure/2017/Dec/78"
},
{
"name": "102292",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102292"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2017-14387",
"datePublished": "2017-12-20T23:00:00",
"dateReserved": "2017-09-12T00:00:00",
"dateUpdated": "2024-08-05T19:27:40.832Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-14380 (GCVE-0-2017-14380)
Vulnerability from nvd – Published: 2017-12-13 20:00 – Updated: 2024-08-05 19:27
VLAI?
Summary
In EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, 8.0.0.0 - 8.0.0.4, 7.2.1.0 - 7.2.1.5, 7.2.0.x, and 7.1.1.x, a malicious compliance admin (compadmin) account user could exploit a vulnerability in isi_get_itrace or isi_get_profile maintenance scripts to run any shell script as system root on a cluster in compliance mode. This could potentially lead to an elevation of privilege for the compadmin user and violate compliance mode.
Severity ?
No CVSS data available.
CWE
- Privilege Escalation Vulnerability
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMC Isilon OneFS 8.1.0.0, 8.0.1.0 8.0.1.1, 8.0.0.0 - 8.0.0.4, 7.2.1.0 - 7.2.1.5, 7.2.0.x, 7.1.1.x |
Affected:
EMC Isilon OneFS 8.1.0.0, 8.0.1.0 8.0.1.1, 8.0.0.0 - 8.0.0.4, 7.2.1.0 - 7.2.1.5, 7.2.0.x, 7.1.1.x
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:27:40.598Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2017/Dec/41"
},
{
"name": "102210",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102210"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMC Isilon OneFS 8.1.0.0, 8.0.1.0 8.0.1.1, 8.0.0.0 - 8.0.0.4, 7.2.1.0 - 7.2.1.5, 7.2.0.x, 7.1.1.x",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMC Isilon OneFS 8.1.0.0, 8.0.1.0 8.0.1.1, 8.0.0.0 - 8.0.0.4, 7.2.1.0 - 7.2.1.5, 7.2.0.x, 7.1.1.x"
}
]
}
],
"datePublic": "2017-12-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, 8.0.0.0 - 8.0.0.4, 7.2.1.0 - 7.2.1.5, 7.2.0.x, and 7.1.1.x, a malicious compliance admin (compadmin) account user could exploit a vulnerability in isi_get_itrace or isi_get_profile maintenance scripts to run any shell script as system root on a cluster in compliance mode. This could potentially lead to an elevation of privilege for the compadmin user and violate compliance mode."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege Escalation Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-19T10:57:01",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://seclists.org/fulldisclosure/2017/Dec/41"
},
{
"name": "102210",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102210"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2017-14380",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMC Isilon OneFS 8.1.0.0, 8.0.1.0 8.0.1.1, 8.0.0.0 - 8.0.0.4, 7.2.1.0 - 7.2.1.5, 7.2.0.x, 7.1.1.x",
"version": {
"version_data": [
{
"version_value": "EMC Isilon OneFS 8.1.0.0, 8.0.1.0 8.0.1.1, 8.0.0.0 - 8.0.0.4, 7.2.1.0 - 7.2.1.5, 7.2.0.x, 7.1.1.x"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, 8.0.0.0 - 8.0.0.4, 7.2.1.0 - 7.2.1.5, 7.2.0.x, and 7.1.1.x, a malicious compliance admin (compadmin) account user could exploit a vulnerability in isi_get_itrace or isi_get_profile maintenance scripts to run any shell script as system root on a cluster in compliance mode. This could potentially lead to an elevation of privilege for the compadmin user and violate compliance mode."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege Escalation Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://seclists.org/fulldisclosure/2017/Dec/41",
"refsource": "CONFIRM",
"url": "http://seclists.org/fulldisclosure/2017/Dec/41"
},
{
"name": "102210",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102210"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2017-14380",
"datePublished": "2017-12-13T20:00:00",
"dateReserved": "2017-09-12T00:00:00",
"dateUpdated": "2024-08-05T19:27:40.598Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-8024 (GCVE-0-2017-8024)
Vulnerability from nvd – Published: 2017-10-18 09:00 – Updated: 2024-08-05 16:19
VLAI?
Summary
EMC Isilon OneFS (versions prior to 8.1.0.1, versions prior to 8.0.1.2, versions prior to 8.0.0.6, version 7.2.1.x) is impacted by a reflected cross-site scripting vulnerability that may potentially be exploited by malicious users to compromise the affected system.
Severity ?
No CVSS data available.
CWE
- Reflected Cross Site Scripting Vulnerability
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMC Isilon OneFS EMC Isilon OneFS versions prior to 8.1.0.1, EMC Isilon OneFS versions prior to 8.0.1.2, EMC Isilon OneFS versions prior to 8.0.0.6, EMC Isilon OneFS 7.2.1.x |
Affected:
EMC Isilon OneFS EMC Isilon OneFS versions prior to 8.1.0.1, EMC Isilon OneFS versions prior to 8.0.1.2, EMC Isilon OneFS versions prior to 8.0.0.6, EMC Isilon OneFS 7.2.1.x
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:19:29.769Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2017/Oct/34"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMC Isilon OneFS EMC Isilon OneFS versions prior to 8.1.0.1, EMC Isilon OneFS versions prior to 8.0.1.2, EMC Isilon OneFS versions prior to 8.0.0.6, EMC Isilon OneFS 7.2.1.x",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMC Isilon OneFS EMC Isilon OneFS versions prior to 8.1.0.1, EMC Isilon OneFS versions prior to 8.0.1.2, EMC Isilon OneFS versions prior to 8.0.0.6, EMC Isilon OneFS 7.2.1.x"
}
]
}
],
"datePublic": "2017-10-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "EMC Isilon OneFS (versions prior to 8.1.0.1, versions prior to 8.0.1.2, versions prior to 8.0.0.6, version 7.2.1.x) is impacted by a reflected cross-site scripting vulnerability that may potentially be exploited by malicious users to compromise the affected system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Reflected Cross Site Scripting Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-18T08:57:01",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://seclists.org/fulldisclosure/2017/Oct/34"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2017-8024",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMC Isilon OneFS EMC Isilon OneFS versions prior to 8.1.0.1, EMC Isilon OneFS versions prior to 8.0.1.2, EMC Isilon OneFS versions prior to 8.0.0.6, EMC Isilon OneFS 7.2.1.x",
"version": {
"version_data": [
{
"version_value": "EMC Isilon OneFS EMC Isilon OneFS versions prior to 8.1.0.1, EMC Isilon OneFS versions prior to 8.0.1.2, EMC Isilon OneFS versions prior to 8.0.0.6, EMC Isilon OneFS 7.2.1.x"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "EMC Isilon OneFS (versions prior to 8.1.0.1, versions prior to 8.0.1.2, versions prior to 8.0.0.6, version 7.2.1.x) is impacted by a reflected cross-site scripting vulnerability that may potentially be exploited by malicious users to compromise the affected system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Reflected Cross Site Scripting Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://seclists.org/fulldisclosure/2017/Oct/34",
"refsource": "CONFIRM",
"url": "http://seclists.org/fulldisclosure/2017/Oct/34"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2017-8024",
"datePublished": "2017-10-18T09:00:00",
"dateReserved": "2017-04-21T00:00:00",
"dateUpdated": "2024-08-05T16:19:29.769Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-4988 (GCVE-0-2017-4988)
Vulnerability from nvd – Published: 2017-06-21 20:00 – Updated: 2024-08-05 14:47
VLAI?
Summary
EMC Isilon OneFS 8.0.1.0, 8.0.0 - 8.0.0.3, 7.2.0 - 7.2.1.4, 7.1.x is affected by a privilege escalation vulnerability that could potentially be exploited by attackers to compromise the affected system.
Severity ?
No CVSS data available.
CWE
- Privilege Escalation Vulnerability
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMC Isilon OneFS 8.0.1.0, 8.0.0 8.0.0.3, 7.2.0 - 7.2.1.4, 7.1.x |
Affected:
EMC Isilon OneFS 8.0.1.0, 8.0.0 8.0.0.3, 7.2.0 - 7.2.1.4, 7.1.x
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:47:44.082Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "99165",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99165"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/540755/30/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMC Isilon OneFS 8.0.1.0, 8.0.0 8.0.0.3, 7.2.0 - 7.2.1.4, 7.1.x",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMC Isilon OneFS 8.0.1.0, 8.0.0 8.0.0.3, 7.2.0 - 7.2.1.4, 7.1.x"
}
]
}
],
"datePublic": "2017-06-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "EMC Isilon OneFS 8.0.1.0, 8.0.0 - 8.0.0.3, 7.2.0 - 7.2.1.4, 7.1.x is affected by a privilege escalation vulnerability that could potentially be exploited by attackers to compromise the affected system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege Escalation Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-22T09:57:01",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"name": "99165",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99165"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.securityfocus.com/archive/1/540755/30/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2017-4988",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMC Isilon OneFS 8.0.1.0, 8.0.0 8.0.0.3, 7.2.0 - 7.2.1.4, 7.1.x",
"version": {
"version_data": [
{
"version_value": "EMC Isilon OneFS 8.0.1.0, 8.0.0 8.0.0.3, 7.2.0 - 7.2.1.4, 7.1.x"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "EMC Isilon OneFS 8.0.1.0, 8.0.0 - 8.0.0.3, 7.2.0 - 7.2.1.4, 7.1.x is affected by a privilege escalation vulnerability that could potentially be exploited by attackers to compromise the affected system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege Escalation Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "99165",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99165"
},
{
"name": "http://www.securityfocus.com/archive/1/540755/30/0/threaded",
"refsource": "CONFIRM",
"url": "http://www.securityfocus.com/archive/1/540755/30/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2017-4988",
"datePublished": "2017-06-21T20:00:00",
"dateReserved": "2016-12-29T00:00:00",
"dateUpdated": "2024-08-05T14:47:44.082Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-4979 (GCVE-0-2017-4979)
Vulnerability from nvd – Published: 2017-05-19 15:00 – Updated: 2024-08-05 14:47
VLAI?
Summary
EMC Isilon OneFS 8.0.1.0, OneFS 8.0.0.0 - 8.0.0.2, OneFS 7.2.1.0 - 7.2.1.3, and OneFS 7.2.0.x is affected by an NFS export vulnerability. Under certain conditions, after upgrading a cluster from OneFS 7.1.1.x or earlier, users may have unexpected levels of access to some NFS exports.
Severity ?
No CVSS data available.
CWE
- NFS Export Upgrade Vulnerability
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMC Isilon OneFS OneFS 8.0.1.0, OneFS 8.0.0.0 8.0.0.2, OneFS 7.2.1.0 - 7.2.1.3, OneFS 7.2.0.x |
Affected:
EMC Isilon OneFS OneFS 8.0.1.0, OneFS 8.0.0.0 8.0.0.2, OneFS 7.2.1.0 - 7.2.1.3, OneFS 7.2.0.x
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:47:44.041Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/540551/30/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMC Isilon OneFS OneFS 8.0.1.0, OneFS 8.0.0.0 8.0.0.2, OneFS 7.2.1.0 - 7.2.1.3, OneFS 7.2.0.x",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMC Isilon OneFS OneFS 8.0.1.0, OneFS 8.0.0.0 8.0.0.2, OneFS 7.2.1.0 - 7.2.1.3, OneFS 7.2.0.x"
}
]
}
],
"datePublic": "2017-05-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "EMC Isilon OneFS 8.0.1.0, OneFS 8.0.0.0 - 8.0.0.2, OneFS 7.2.1.0 - 7.2.1.3, and OneFS 7.2.0.x is affected by an NFS export vulnerability. Under certain conditions, after upgrading a cluster from OneFS 7.1.1.x or earlier, users may have unexpected levels of access to some NFS exports."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "NFS Export Upgrade Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-05-19T14:57:01",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.securityfocus.com/archive/1/540551/30/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2017-4979",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMC Isilon OneFS OneFS 8.0.1.0, OneFS 8.0.0.0 8.0.0.2, OneFS 7.2.1.0 - 7.2.1.3, OneFS 7.2.0.x",
"version": {
"version_data": [
{
"version_value": "EMC Isilon OneFS OneFS 8.0.1.0, OneFS 8.0.0.0 8.0.0.2, OneFS 7.2.1.0 - 7.2.1.3, OneFS 7.2.0.x"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "EMC Isilon OneFS 8.0.1.0, OneFS 8.0.0.0 - 8.0.0.2, OneFS 7.2.1.0 - 7.2.1.3, and OneFS 7.2.0.x is affected by an NFS export vulnerability. Under certain conditions, after upgrading a cluster from OneFS 7.1.1.x or earlier, users may have unexpected levels of access to some NFS exports."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NFS Export Upgrade Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.securityfocus.com/archive/1/540551/30/0/threaded",
"refsource": "CONFIRM",
"url": "http://www.securityfocus.com/archive/1/540551/30/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2017-4979",
"datePublished": "2017-05-19T15:00:00",
"dateReserved": "2016-12-29T00:00:00",
"dateUpdated": "2024-08-05T14:47:44.041Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-4980 (GCVE-0-2017-4980)
Vulnerability from nvd – Published: 2017-03-29 21:00 – Updated: 2024-08-05 14:47
VLAI?
Summary
EMC Isilon OneFS is affected by a path traversal vulnerability that may potentially be exploited by attackers to compromise the affected system. Affected versions are 7.1.0 - 7.1.1.10, 7.2.0 - 7.2.1.3, and 8.0.0 - 8.0.0.1.
Severity ?
No CVSS data available.
CWE
- Path Traversal Vulnerability
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMC Isilon OneFS EMC Isilon OneFS 8.0.0 8.0.0.1, EMC Isilon OneFS 7.2.0 - 7.2.1.3, EMC Isilon OneFS 7.1.0 - 7.1.1.10 |
Affected:
EMC Isilon OneFS EMC Isilon OneFS 8.0.0 8.0.0.1, EMC Isilon OneFS 7.2.0 - 7.2.1.3, EMC Isilon OneFS 7.1.0 - 7.1.1.10
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:47:43.817Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "97222",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97222"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/540338/30/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMC Isilon OneFS EMC Isilon OneFS 8.0.0 8.0.0.1, EMC Isilon OneFS 7.2.0 - 7.2.1.3, EMC Isilon OneFS 7.1.0 - 7.1.1.10",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMC Isilon OneFS EMC Isilon OneFS 8.0.0 8.0.0.1, EMC Isilon OneFS 7.2.0 - 7.2.1.3, EMC Isilon OneFS 7.1.0 - 7.1.1.10"
}
]
}
],
"datePublic": "2017-03-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "EMC Isilon OneFS is affected by a path traversal vulnerability that may potentially be exploited by attackers to compromise the affected system. Affected versions are 7.1.0 - 7.1.1.10, 7.2.0 - 7.2.1.3, and 8.0.0 - 8.0.0.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Path Traversal Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-31T09:57:02",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"name": "97222",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97222"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.securityfocus.com/archive/1/540338/30/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2017-4980",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMC Isilon OneFS EMC Isilon OneFS 8.0.0 8.0.0.1, EMC Isilon OneFS 7.2.0 - 7.2.1.3, EMC Isilon OneFS 7.1.0 - 7.1.1.10",
"version": {
"version_data": [
{
"version_value": "EMC Isilon OneFS EMC Isilon OneFS 8.0.0 8.0.0.1, EMC Isilon OneFS 7.2.0 - 7.2.1.3, EMC Isilon OneFS 7.1.0 - 7.1.1.10"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "EMC Isilon OneFS is affected by a path traversal vulnerability that may potentially be exploited by attackers to compromise the affected system. Affected versions are 7.1.0 - 7.1.1.10, 7.2.0 - 7.2.1.3, and 8.0.0 - 8.0.0.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Path Traversal Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "97222",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97222"
},
{
"name": "http://www.securityfocus.com/archive/1/540338/30/0/threaded",
"refsource": "CONFIRM",
"url": "http://www.securityfocus.com/archive/1/540338/30/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2017-4980",
"datePublished": "2017-03-29T21:00:00",
"dateReserved": "2016-12-29T00:00:00",
"dateUpdated": "2024-08-05T14:47:43.817Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9871 (GCVE-0-2016-9871)
Vulnerability from nvd – Published: 2017-02-03 07:24 – Updated: 2024-08-06 03:07
VLAI?
Summary
EMC Isilon OneFS 7.2.1.0 - 7.2.1.3, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, EMC Isilon OneFS 7.1.0.x is affected by a privilege escalation vulnerability that could potentially be exploited by attackers to compromise the affected system.
Severity ?
No CVSS data available.
CWE
- Privilege Escalation Vulnerability
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMC Isilon OneFS EMC Isilon OneFS 7.2.1.0 7.2.1.3, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, EMC Isilon OneFS 7.1.0.x |
Affected:
EMC Isilon OneFS EMC Isilon OneFS 7.2.1.0 7.2.1.3, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, EMC Isilon OneFS 7.1.0.x
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T03:07:30.796Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95800",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95800"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/540050/30/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMC Isilon OneFS EMC Isilon OneFS 7.2.1.0 7.2.1.3, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, EMC Isilon OneFS 7.1.0.x",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMC Isilon OneFS EMC Isilon OneFS 7.2.1.0 7.2.1.3, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, EMC Isilon OneFS 7.1.0.x"
}
]
}
],
"datePublic": "2017-02-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "EMC Isilon OneFS 7.2.1.0 - 7.2.1.3, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, EMC Isilon OneFS 7.1.0.x is affected by a privilege escalation vulnerability that could potentially be exploited by attackers to compromise the affected system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege Escalation Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-03T10:57:01",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"name": "95800",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95800"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.securityfocus.com/archive/1/540050/30/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2016-9871",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMC Isilon OneFS EMC Isilon OneFS 7.2.1.0 7.2.1.3, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, EMC Isilon OneFS 7.1.0.x",
"version": {
"version_data": [
{
"version_value": "EMC Isilon OneFS EMC Isilon OneFS 7.2.1.0 7.2.1.3, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, EMC Isilon OneFS 7.1.0.x"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "EMC Isilon OneFS 7.2.1.0 - 7.2.1.3, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, EMC Isilon OneFS 7.1.0.x is affected by a privilege escalation vulnerability that could potentially be exploited by attackers to compromise the affected system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege Escalation Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95800",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95800"
},
{
"name": "http://www.securityfocus.com/archive/1/540050/30/0/threaded",
"refsource": "CONFIRM",
"url": "http://www.securityfocus.com/archive/1/540050/30/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2016-9871",
"datePublished": "2017-02-03T07:24:00",
"dateReserved": "2016-12-06T00:00:00",
"dateUpdated": "2024-08-06T03:07:30.796Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9870 (GCVE-0-2016-9870)
Vulnerability from nvd – Published: 2017-01-23 06:49 – Updated: 2024-08-06 03:07
VLAI?
Summary
EMC Isilon OneFS 8.0.0.0, EMC Isilon OneFS 7.2.1.0 - 7.2.1.2, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, and EMC Isilon OneFS 7.1.0.x is affected by an LDAP injection vulnerability that could potentially be exploited by a malicious user to compromise the system.
Severity ?
No CVSS data available.
CWE
- LDAP Injection
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMC Isilon OneFS |
Affected:
EMC Isilon OneFS
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T03:07:30.140Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/540020/30/0/threaded"
},
{
"name": "95626",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95626"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMC Isilon OneFS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMC Isilon OneFS"
}
]
}
],
"datePublic": "2017-01-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "EMC Isilon OneFS 8.0.0.0, EMC Isilon OneFS 7.2.1.0 - 7.2.1.2, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, and EMC Isilon OneFS 7.1.0.x is affected by an LDAP injection vulnerability that could potentially be exploited by a malicious user to compromise the system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "LDAP Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-23T10:57:01",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.securityfocus.com/archive/1/540020/30/0/threaded"
},
{
"name": "95626",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95626"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2016-9870",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMC Isilon OneFS",
"version": {
"version_data": [
{
"version_value": "EMC Isilon OneFS"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "EMC Isilon OneFS 8.0.0.0, EMC Isilon OneFS 7.2.1.0 - 7.2.1.2, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, and EMC Isilon OneFS 7.1.0.x is affected by an LDAP injection vulnerability that could potentially be exploited by a malicious user to compromise the system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "LDAP Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.securityfocus.com/archive/1/540020/30/0/threaded",
"refsource": "CONFIRM",
"url": "http://www.securityfocus.com/archive/1/540020/30/0/threaded"
},
{
"name": "95626",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95626"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2016-9870",
"datePublished": "2017-01-23T06:49:00",
"dateReserved": "2016-12-06T00:00:00",
"dateUpdated": "2024-08-06T03:07:30.140Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-0908 (GCVE-0-2016-0908)
Vulnerability from nvd – Published: 2016-06-04 01:00 – Updated: 2024-08-05 22:38
VLAI?
Summary
EMC Isilon OneFS 7.1.x before 7.1.1.9 and 7.2.x before 7.2.1.2 allows local users to obtain root shell access by leveraging administrative privileges.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.122Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20160602 ESA-2016-060: EMC Isilon OneFS Privilege Escalation Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://seclists.org/bugtraq/2016/Jun/13"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "EMC Isilon OneFS 7.1.x before 7.1.1.9 and 7.2.x before 7.2.1.2 allows local users to obtain root shell access by leveraging administrative privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-09T16:57:01",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"name": "20160602 ESA-2016-060: EMC Isilon OneFS Privilege Escalation Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://seclists.org/bugtraq/2016/Jun/13"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2016-0908",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "EMC Isilon OneFS 7.1.x before 7.1.1.9 and 7.2.x before 7.2.1.2 allows local users to obtain root shell access by leveraging administrative privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20160602 ESA-2016-060: EMC Isilon OneFS Privilege Escalation Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2016/Jun/13"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2016-0908",
"datePublished": "2016-06-04T01:00:00",
"dateReserved": "2015-12-17T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.122Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}