CVE-2017-14385

🗓️ 20 Dec 2017 23:00:00Reported by dellType

EMC Data Domain DD OS versions 5.7.x, 6.0.x, 6.1.x, Virtual Edition 2.0, and Virtual Edition 3.0/3.1 are vulnerable to memory overflow via SMBv1, leading to potential remote code injection and service shutdown

Reporter	Title	Published	Views	Family All 4
CNVD	EMC Data Domain DD OS Memory Overflow Vulnerability	20 Dec 201700:00	–	cnvd
CVE	CVE-2017-14385	20 Dec 201723:00	–	cve
NVD	CVE-2017-14385	20 Dec 201723:29	–	nvd
Prion	Design/Logic Flaw	20 Dec 201723:29	–	prion

[
  {
    "product": "EMC Data Domain DD OS EMC Data Domain DD OS 5.7 family, versions prior to 5.7.5.6, EMC Data Domain DD OS 6.0 family, versions prior to 6.0.2.9, EMC Data Domain DD OS 6.1 family, versions prior to 6.1.0.21, EMC Data Domain Virtual Edition 2.0 family, all versions, EMC Data Domain Virtual Edition 3.0 family, versions prior to 3.0 SP2 Update 1, EMC Data Domain Virtual Edition 3.1 family, versions prior to 3.1 Update 2",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "EMC Data Domain DD OS EMC Data Domain DD OS 5.7 family, versions prior to 5.7.5.6, EMC Data Domain DD OS 6.0 family, versions prior to 6.0.2.9, EMC Data Domain DD OS 6.1 family, versions prior to 6.1.0.21, EMC Data Domain Virtual Edition 2.0 family, all versions, EMC Data Domain Virtual Edition 3.0 family, versions prior to 3.0 SP2 Update 1, EMC Data Domain Virtual Edition 3.1 family, versions prior to 3.1 Update 2"
      }
    ]
  }
]

Source	Link
securitytracker	www.securitytracker.com/id/1040027
securityfocus	www.securityfocus.com/bid/102289
seclists	www.seclists.org/fulldisclosure/2017/Dec/79

28 Dec 2017 10:57Current

8High risk

Vulners AI Score8

EPSS0.0915