2 matches found
Dell EMC ScaleIO Buffer Overflow / Command Injection Vulnerability
Dell EMC ScaleIO customers are encouraged to update to ScaleIO version 2.5, which contains fixes for multiple security vulnerabilities in earlier ScaleIO software versions that could potentially be exploited by malicious users to compromise the affected system. Dell EMC Identifier: DSA-2018-058 C...
CVE-2018-1238
Dell EMC ScaleIO prior to version 2.5 is affected by CVE-2018-1238 due to a command-injection flaw in the Light Installation Agent (LIA), which handles deployment management and uses shell commands. A remote attacker with network access to LIA and knowledge of the LIA administrative password coul...