Emc Isilon Onefs@* Security Vulnerabilities and Issues — Emc Isilon Onefs@* CVE List

Lucene search

DellEmc Isilon Onefs*

14 matches found

CVE•added 2020/03/06 9:15 p.m.•118 views

CVE-2020-5328

Dell EMC Isilon OneFS versions prior to 8.2.0 contain an unauthorized access vulnerability due to a lack of thorough authorization checks when SyncIQ is licensed, but encrypted syncs are not marked as required. When this happens, loss of control of the cluster can occur.

10CVSS9.2AI score0.00391EPSS

CVE•added 2020/04/04 12:15 a.m.•110 views

CVE-2020-5347

Dell EMC Isilon OneFS versions 8.2.2 and earlier contain a denial of service vulnerability. SmartConnect had an error condition that may be triggered to loop, using CPU and potentially preventing other SmartConnect DNS responses.

7.5CVSS7.4AI score0.00536EPSS

CVE•added 2018/03/26 6:29 p.m.•65 views

CVE-2018-1213

Dell EMC Isilon OneFS versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 and 8.1.0.2 is affected by a cross-site request forgery vulnerability. A malicious user may potentially exploit this vulnerability to send unauthorized requests...

8.8CVSS7.2AI score0.00374EPSS

CVE•added 2018/03/26 6:29 p.m.•60 views

CVE-2018-1204

Dell EMC Isilon OneFS versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 is affected by a path traversal vulnerability in the isi_phone_home tool. A malicious compadmin may potentially exploit this vulnerability to execute arbitrary ...

7.2CVSS7.4AI score0.00949EPSS

CVE•added 2018/03/26 6:29 p.m.•55 views

CVE-2018-1203

In Dell EMC Isilon OneFS, the compadmin is able to run tcpdump binary with root privileges. In versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, the tcpdump binary, being run with sudo, may potentially be used by compadmin to execute arbitrary code with root privileges.

7.2CVSS7.5AI score0.01083EPSS

CVE•added 2021/01/05 10:15 p.m.•55 views

CVE-2020-26181

Dell EMC Isilon OneFS versions 8.1 and later and Dell EMC PowerScale OneFS version 9.0.0 contain a privilege escalation vulnerability on a SmartLock Compliance mode cluster. The compadmin user connecting using ISI PRIV LOGIN SSH or ISI PRIV LOGIN CONSOLE can elevate privileges to the root user if t...

7.8CVSS7.8AI score0.00038EPSS

CVE•added 2020/05/20 9:15 p.m.•55 views

CVE-2020-5364

Dell EMC Isilon OneFS versions 8.2.2 and earlier contain an SNMPv2 vulnerability. The SNMPv2 services is enabled, by default, with a pre-configured community string. This community string allows read-only access to many aspects of the Isilon cluster, some of which are considered sensitive and can f...

7.5CVSS7.5AI score0.0026EPSS

CVE•added 2021/07/28 12:15 a.m.•50 views

CVE-2020-26180

Dell EMC Isilon OneFS supported versions 8.1 and later and Dell EMC PowerScale OneFS supported version 9.0.0 contain an access issue with the remotesupport user account. A remote malicious user with low privileges may gain access to data stored on the /ifs directory through most protocols.

8.8CVSS8.6AI score0.00319EPSS

CVE•added 2021/07/29 4:15 p.m.•47 views

CVE-2020-5353

The Dell Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 default configuration for Network File System (NFS) allows access to an 'admin' home directory. An attacker may leverage a spoofed Unique Identifier (UID) over NFS to rewrite sensitive files to gain adminis...

9CVSS8.7AI score0.00336EPSS

CVE•added 2022/10/21 6:15 p.m.•39 views

CVE-2020-5355

The Dell Isilon OneFS versions 8.2.2 and earlier SSHD process improperly allows Transmission Control Protocol (TCP) and stream forwarding. This provides the remotesupport user and users with restricted shells more access than is intended.

4.3CVSS4.7AI score0.00159EPSS

CVE•added 2020/07/06 6:15 p.m.•37 views

CVE-2020-5371

Dell EMC Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale version 9.0.0 contain a file permissions vulnerability. An attacker, with network or local file access, could take advantage of insufficiently applied file permissions or gain unauthorized access to files.

8.8CVSS8.4AI score0.00277EPSS

CVE•added 2020/08/27 7:15 p.m.•33 views

CVE-2020-5383

Dell EMC Isilon OneFS version 8.2.2 and Dell EMC PowerScale OneFS version 9.0.0 contains a buffer overflow vulnerability in the Likewise component. A remote unauthenticated malicious attacker may potentially exploit this vulnerability to cause a process restart.

5.3CVSS5.6AI score0.0029EPSS

CVE•added 2020/09/02 9:15 p.m.•31 views

CVE-2020-5369

Dell EMC Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 contain a privilege escalation vulnerability. An authenticated malicious user may exploit this vulnerability by using SyncIQ to gain unauthorized access to system management files.

8.8CVSS8.8AI score0.0046EPSS

CVE•added 2020/05/20 9:15 p.m.•27 views

CVE-2020-5365

Dell EMC Isilon versions 8.2.2 and earlier contain a remotesupport vulnerability. The pre-configured support account, remotesupport, is bundled in the Dell EMC Isilon OneFS installation. This account is used for diagnostics and other support functions. Although the default password is different for...

7.5CVSS7.6AI score0.0026EPSS