Lucene search
+L
DellEmc Isilon Onefs

14 matches found

CVE
CVE
added 2020/03/06 8:25 p.m.132 views

CVE-2020-5328

Dell EMC Isilon OneFS before version 8.2.0 contains an unauthorized access vulnerability due to insufficient authorization checks when SyncIQ is licensed; encrypted syncs are not marked as required, potentially allowing loss of cluster control. The issue affects the Isilon OneFS platform (SyncIQ-...

10CVSS9.2AI score0.01387EPSS
CVE
CVE
added 2020/04/03 11:20 p.m.123 views

CVE-2020-5347

Summary (CVE-2020-5347) Dell EMC Isilon OneFS versions 8.2.2 and earlier are affected by a denial-of-service condition in the SmartConnect DNS component. The issue arises from an error condition that may loop, consuming CPU and potentially preventing other SmartConnect DNS responses. The CVSS3.1 ...

7.5CVSS7.4AI score0.01044EPSS
CVE
CVE
added 2020/02/06 5:45 p.m.81 views

CVE-2020-5318

Dell EMC Isilon OneFS prior to fixed versions 8.1.2, 8.1.0.4, 8.1.0.3, and 8.0.0.7 contains a vulnerability in non-RAN HTTP and WebDAV components where enabling Basic Authentication for these components allows access to files without authentication. Impact: potential exposure of restricted files....

7.5CVSS7.7AI score0.01126EPSS
CVE
CVE
added 2018/03/26 6:0 p.m.79 views

CVE-2018-1213

CVE-2018-1213 refers to cross-site request forgery vulnerabilities in Dell EMC Isilon OneFS. Affected versions include OneFS 8.1.0.0–8.1.0.1, 8.0.1.0–8.0.1.2, 8.0.0.0–8.0.0.6, 7.2.1.x, 7.1.1.11, and 8.1.0.2. The issue arises from the Web console lacking anti-CSRF protections, allowing an authenti...

8.8CVSS7.2AI score0.0201EPSS
CVE
CVE
added 2018/03/26 6:0 p.m.78 views

CVE-2018-1204

Summary for CVE-2018-1204 (Isilon OneFS) : Dell EMC Isilon OneFS web console vulnerabilities include a path traversal flaw in the isi_phone_home tool that can be triggered when remote support is enabled, potentially allowing a malicious user with compadmin rights to execute arbitrary code with ro...

7.2CVSS7.4AI score0.02412EPSS
CVE
CVE
added 2018/03/26 6:0 p.m.69 views

CVE-2018-1203

Overview: CVE-2018-1203 affects Dell EMC Isilon OneFS. CORE Security CORE-2017-0009 describes multiple vulnerabilities in the OneFS Web console, including a local privilege escalation path where the compadmin can exploit sudo to run tcpdump with root privileges. This enables arbitrary root comman...

7.2CVSS7.5AI score0.02192EPSS
CVE
CVE
added 2021/01/05 9:40 p.m.69 views

CVE-2020-26181

Dell EMC Isilon OneFS (8.1+) and Dell EMC PowerScale OneFS (9.0.0) expose a local privilege-escalation in SmartLock Compliance mode clusters. The compadmin user who can authenticate via ISI PRIV LOGIN SSH or ISI PRIV LOGIN CONSOLE can elevate to root if they possess ISI PRIV HARDENING privileges....

7.8CVSS7.8AI score0.00254EPSS
CVE
CVE
added 2020/05/20 8:45 p.m.67 views

CVE-2020-5364

Dell EMC Isilon OneFS: SNMPv2 enabled by default in versions 8.2.2 and earlier with a pre-configured community string grants read‑only access to many cluster aspects, exposing confidentiality (CVSSv3.1 base 7.5) and potentially enabling broader access. No explicit exploitation details are provide...

7.5CVSS7.5AI score0.00985EPSS
CVE
CVE
added 2021/07/29 3:55 p.m.63 views

CVE-2020-5353

The CVE concerns Dell Isilon OneFS (versions 8.2.2 and earlier) and Dell EMC PowerScale OneFS (version 9.0.0) where the default NFS configuration exposes the admin home directory. An attacker may abuse a forged UID over NFS to rewrite sensitive files, granting administrative access. The issue is ...

9CVSS8.7AI score0.00972EPSS
CVE
CVE
added 2021/07/28 12:5 a.m.62 views

CVE-2020-26180

CVE-2020-26180 affects Dell EMC Isilon OneFS (8.1+), and Dell EMC PowerScale OneFS (9.0.0). The root cause is an access issue tied to the remotesupport user account, allowing a remote, low-privilege attacker to access data under the /ifs directory via most protocols. The documents do not provide ...

8.8CVSS8.6AI score0.00593EPSS
CVE
CVE
added 2022/10/21 6:5 p.m.56 views

CVE-2020-5355

CVE-2020-5355 affects Dell EMC Isilon OneFS (versions 8.2.2 and earlier) via the SSHD process, which improperly allows TCP and streaming forwarding. This grants the remotesupport user and users with restricted shells more access than intended. Based on provided documents, the vulnerability impact...

4.3CVSS4.7AI score0.00381EPSS
CVE
CVE
added 2020/07/06 5:45 p.m.48 views

CVE-2020-5371

CVE-2020-5371 affects Dell EMC Isilon OneFS (versions 8.2.2 and earlier) and Dell EMC PowerScale (version 9.0.0). A file permissions weakness allows an attacker with network or local access to access restricted files. The vulnerability stems from insufficiently enforced file permissions, enabling...

8.8CVSS8.4AI score0.01152EPSS
CVE
CVE
added 2020/09/02 8:55 p.m.44 views

CVE-2020-5369

Dell EMC Isilon OneFS (versions 8.2.2 and earlier) and Dell EMC PowerScale OneFS (version 9.0.0) contain a privilege-escalation vulnerability exploitable by an authenticated user via SyncIQ to access system management files. Root cause centers on elevated rights during management file access; imp...

8.8CVSS8.8AI score0.01214EPSS
CVE
CVE
added 2020/05/20 8:45 p.m.40 views

CVE-2020-5365

CVE-2020-5365 affects Dell EMC Isilon OneFS versions 8.2.2 and earlier. The vulnerability arises from a pre‑configured remotesupport account with a predictable default password, allowing a remote attacker to compromise the system (per NVD/CNVD entries). CVSSv3.1 base score 7.5 (HIGH). Dell EMC’s ...

7.5CVSS7.6AI score0.00985EPSS