Lucene search
K

134 matches found

OSV
OSV
added 2018/03/26 6:29 p.m.5 views

CVE-2018-1204

Dell EMC Isilon OneFS versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 is affected by a path traversal vulnerability in the isiphonehome tool. A malicious compadmin may potentially exploit this vulnerability to execute arbitrary...

6.7CVSS6.1AI score0.02412EPSS
Exploits5References4
NVD
NVD
added 2018/03/26 6:29 p.m.27 views

CVE-2018-1203

In Dell EMC Isilon OneFS, the compadmin is able to run tcpdump binary with root privileges. In versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, the tcpdump binary, being run with sudo, may potentially be used by compadmin to execute arbitrary code with root privileges...

7.2CVSS6.9AI score0.02192EPSS
Exploits5References4
OSV
OSV
added 2018/03/26 6:29 p.m.2 views

CVE-2018-1213

Dell EMC Isilon OneFS versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 and 8.1.0.2 is affected by a cross-site request forgery vulnerability. A malicious user may potentially exploit this vulnerability to send unauthorized reques...

8.8CVSS5.7AI score0.0201EPSS
Exploits5References4
OSV
OSV
added 2018/03/26 6:29 p.m.4 views

CVE-2018-1186

Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 is affected by a cross-site scripting vulnerability in the Cluster description of the OneFS web administration interface. A malicious administrator may potentially...

4.8CVSS5.8AI score0.01861EPSS
Exploits5References4
Prion
Prion
added 2018/03/26 6:29 p.m.16 views

Path traversal

Dell EMC Isilon OneFS versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 is affected by a path traversal vulnerability in the isiphonehome tool. A malicious compadmin may potentially exploit this vulnerability to execute arbitrary...

7.2CVSS7.5AI score0.02412EPSS
Exploits5References4Affected Software1
Cvelist
Cvelist
added 2018/03/26 6:0 p.m.26 views

CVE-2018-1203

In Dell EMC Isilon OneFS, the compadmin is able to run tcpdump binary with root privileges. In versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, the tcpdump binary, being run with sudo, may potentially be used by compadmin to execute arbitrary code with root privileges...

8AI score0.02192EPSS
Exploits5References4
Cvelist
Cvelist
added 2018/03/26 6:0 p.m.30 views

CVE-2018-1204

Dell EMC Isilon OneFS versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 is affected by a path traversal vulnerability in the isiphonehome tool. A malicious compadmin may potentially exploit this vulnerability to execute arbitrary...

8AI score0.02412EPSS
Exploits5References4
Cvelist
Cvelist
added 2018/03/26 6:0 p.m.31 views

CVE-2018-1213

Dell EMC Isilon OneFS versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 and 8.1.0.2 is affected by a cross-site request forgery vulnerability. A malicious user may potentially exploit this vulnerability to send unauthorized reques...

8.6AI score0.0201EPSS
Exploits5References4
CVE
CVE
added 2018/03/26 6:0 p.m.69 views

CVE-2018-1203

Overview: CVE-2018-1203 affects Dell EMC Isilon OneFS. CORE Security CORE-2017-0009 describes multiple vulnerabilities in the OneFS Web console, including a local privilege escalation path where the compadmin can exploit sudo to run tcpdump with root privileges. This enables arbitrary root comman...

7.2CVSS7.5AI score0.02192EPSS
Exploits5References4Affected Software1
0day.today
0day.today
added 2018/02/15 12:0 a.m.161 views

Dell EMC Isilon OneFS - Multiple Vulnerabilities

Exploit for linux platform in category web applications Dell EMC Isilon OneFS Multiple Vulnerabilities 1. Advisory Information Title: Dell EMC Isilon OneFS Multiple Vulnerabilities Advisory ID: CORE-2017-0009 Advisory URL:...

6.4AI score0.287EPSS
Exploits13
NVD
NVD
added 2017/12/20 11:29 p.m.19 views

CVE-2017-14387

The NFS service in EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, and 8.0.0.0 - 8.0.0.4 maintains default NFS export settings including the NFS export security flavor for authentication that can be leveraged by current and future NFS exports. This NFS service contained a flaw that did not properly...

6.5CVSS6.4AI score0.00914EPSS
Exploits0References2
Prion
Prion
added 2017/12/20 11:29 p.m.19 views

Design/Logic Flaw

The NFS service in EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, and 8.0.0.0 - 8.0.0.4 maintains default NFS export settings including the NFS export security flavor for authentication that can be leveraged by current and future NFS exports. This NFS service contained a flaw that did not properly...

6.4CVSS6.4AI score0.00914EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/12/20 11:0 p.m.50 views

CVE-2017-14387

The CVE-2017-14387 issue concerns EMC Isilon OneFS NFS exports. The affected products are OneFS versions 8.1.0.0, 8.0.1.0–8.0.1.1, and 8.0.0.0–8.0.0.4. The flaw is that changes to the default NFS export security flavor are not consistently propagated to all new and existing NFS exports configured...

6.5CVSS6.4AI score0.00914EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2017/12/20 12:0 a.m.3 views

EMC Isilon OneFS NFS Export Security Bypass Vulnerability

EMC Isilon OneFS is a distributed file system that supports EMC Isilon Horizontally Scalable Storage System from EMC Corporation. The system combines the three layers of a traditional storage architecture file system, volume manager and data protection into a single unified software layer to crea...

6.5CVSS6.8AI score0.00914EPSS
Exploits0References1
CNVD
CNVD
added 2017/12/15 12:0 a.m.2 views

EMC Isilon OneFS Privilege Vulnerability

EMC Isilon OneFS is a distributed file system that supports EMC Isilon Horizontally Scalable Storage System from EMC Corporation. The system combines the three layers of a traditional storage architecture file system, volume manager and data protection into a single unified software layer to crea...

7.2CVSS7AI score0.00352EPSS
Exploits1References1
0day.today
0day.today
added 2017/12/14 12:0 a.m.50 views

EMC Isilon OneFS Privilege Escalation Vulnerability

EMC Isilon OneFS versions 7.x and 8.x suffer from a privilege escalation vulnerability. They contain an issue where a 'compadmin' user can potentially run restricted system commands with elevated root privilege on a cluster in compliance mode. EMC Isilon OneFS Privilege Escalation Vulnerability C...

7.2CVSS1.5AI score0.00352EPSS
Exploits1
NVD
NVD
added 2017/12/13 8:29 p.m.25 views

CVE-2017-14380

In EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, 8.0.0.0 - 8.0.0.4, 7.2.1.0 - 7.2.1.5, 7.2.0.x, and 7.1.1.x, a malicious compliance admin compadmin account user could exploit a vulnerability in isigetitrace or isigetprofile maintenance scripts to run any shell script as system root on a cluster in...

7.2CVSS6.6AI score0.00352EPSS
Exploits1References2
Prion
Prion
added 2017/12/13 8:29 p.m.17 views

Privilege escalation

In EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, 8.0.0.0 - 8.0.0.4, 7.2.1.0 - 7.2.1.5, 7.2.0.x, and 7.1.1.x, a malicious compliance admin compadmin account user could exploit a vulnerability in isigetitrace or isigetprofile maintenance scripts to run any shell script as system root on a cluster in...

7.2CVSS6.6AI score0.00352EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2017/12/13 8:0 p.m.24 views

CVE-2017-14380

In EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, 8.0.0.0 - 8.0.0.4, 7.2.1.0 - 7.2.1.5, 7.2.0.x, and 7.1.1.x, a malicious compliance admin compadmin account user could exploit a vulnerability in isigetitrace or isigetprofile maintenance scripts to run any shell script as system root on a cluster in...

6.6AI score0.00352EPSS
Exploits1References2
OSV
OSV
added 2017/10/18 9:29 a.m.2 views

CVE-2017-8024

EMC Isilon OneFS versions prior to 8.1.0.1, versions prior to 8.0.1.2, versions prior to 8.0.0.6, version 7.2.1.x is impacted by a reflected cross-site scripting vulnerability that may potentially be exploited by malicious users to compromise the affected system...

6.1CVSS5.7AI score0.00632EPSS
Exploits0References1
Rows per page
Query Builder