15 matches found
CVE-2016-0907
CVE-2016-0907 affects EMC Isilon OneFS 7.1.x and 7.2.x before 7.2.1.3, and 8.0.x before 8.0.0.1, plus IsilonSD Edge OneFS 8.0.x before 8.0.0.1. The issue is that SMB signing is not required within a DCERPC session over ncacn_np, enabling a man-in-the-middle attacker to spoof SMB clients by modify...
CVE-2015-4545
CVE-2015-4545 affects EMC Isilon OneFS (7.1, 7.2) and allows remote authenticated administrators to bypass the SmartLock root-login restriction by creating a root account and establishing a login session. The issue is described consistently across sources (NVD/NIST and CNVD/CVE records) as an ele...
CVE-2018-11071
Dell EMC Isilon OneFS and IsilonSD Edge vulnerable in listed 7.1.1.x, 7.2.1.x, 8.0.0.x, 8.0.1.x, 8.1.0.x, and 8.1.x prior to 8.1.2; unauthenticated remote input can crash the isi_drive_d process, after which the process restarts. No explicit remediation or affected versions beyond those listed ar...
CVE-2017-14387
The CVE-2017-14387 issue concerns EMC Isilon OneFS NFS exports. The affected products are OneFS versions 8.1.0.0, 8.0.1.0–8.0.1.1, and 8.0.0.0–8.0.0.4. The flaw is that changes to the default NFS export security flavor are not consistently propagated to all new and existing NFS exports configured...
CVE-2015-0528
CVE-2015-0528 concerns EMC Isilon OneFS where the RPC daemon allows local users to gain privileges by modifying system files. Affected versions include OneFS 6.5.x and 7.0.x prior to 7.0.2.13, 7.1.0 prior to 7.1.0.6, 7.1.1 prior to 7.1.1.2, and 7.2.0 prior to 7.2.0.1. EMC advisory ESA-2015-049 do...
CVE-2017-14380
EMC Isilon OneFS is affected by CVE-2017-14380, impacting versions 8.1.0.0; 8.0.1.0–8.0.1.1; 8.0.0.0–8.0.0.4; 7.2.1.0–7.2.1.5; 7.2.0.x; and 7.1.1.x. A malicious compadmin user can exploit a vulnerability in isi_get_itrace or isi_get_profile maintenance scripts to run any shell script as system ro...
CVE-2017-4980
EMC Isilon OneFS is affected by a path traversal vulnerability. Affected versions are 7.1.0–7.1.1.10, 7.2.0–7.2.1.3, and 8.0.0–8.0.0.1. The provided documents describe the issue as a directory/path traversal that could compromise the system, but do not include explicit root-cause details, vulnera...
CVE-2017-8024
EMC Isilon OneFS is affected by a reflected cross-site scripting vulnerability (CVE-2017-8024) in multiple release lines. The CVE description in the linked sources states that versions prior to 8.1.0.1, prior to 8.0.1.2, prior to 8.0.0.6, and version 7.2.1.x are impacted. The vulnerability is des...
CVE-2015-6848
EMC Isilon OneFS vulnerability (CVE-2015-6848) affects Isilon 7.1.x before 7.1.1.5, 7.2.0.x before 7.2.0.3, and 7.2.1.x before 7.2.1.1. When RFC 2307 is configured but SFU is not universally present, remote authenticated AD users can obtain root privileges via unspecified vectors. The underlying ...
CVE-2016-9871
EMC Isilon OneFS is affected by a privilege escalation vulnerability (CVE-2016-9871) in versions 7.2.1.0–7.2.1.3, 7.2.0.x, 7.1.1.0–7.1.1.10, and 7.1.0.x. The connected OpenVAS entry and CVE entries describe a privilege escalation that could allow an attacker to compromise the affected system, but...
CVE-2017-4988
CVE-2017-4988 affects EMC Isilon OneFS, including versions 8.0.1.0, 8.0.0–8.0.0.3, 7.2.0–7.2.1.4 and 7.1.x. The vulnerability is described as a privilege escalation that could allow an attacker to compromise the affected system. Multiple sources (NVD, CVE lists, and related vulnerability database...
CVE-2017-4979
CVE-2017-4979 affects EMC Isilon OneFS: versions 8.0.1.0, 8.0.0.0–8.0.0.2, 7.2.1.0–7.2.1.3, and 7.2.0.x. After upgrading a cluster from OneFS 7.1.1.x or earlier, users may obtain unexpected levels of access to some NFS exports. The connected sources reiterate an NFS export vulnerability in OneFS ...
CVE-2016-0908
EMC Isilon OneFS 7.1.x before 7.1.1.9 and 7.2.x before 7.2.1.2 are affected by CVE-2016-0908. The vulnerability allows a local attacker with administrative privileges to obtain root shell access by exploiting privilege escalation within the Isilon OneFS environment. The description confirms local...
CVE-2015-4525
EMC Isilon OneFS log-gather web admin interface vulnerability (CVE-2015-4525) allows remote authenticated users to execute commands with root privileges due to improper input validation in the log collection path. Affected: OneFS 6.5.x.x–7.1.1.x (before 7.1.1.5) and 7.2.0.x (before 7.2.0.2). Impa...
CVE-2016-9870
CVE-2016-9870 affects EMC Isilon OneFS: versions 8.0.0.0, 7.2.1.0–7.2.1.2, 7.2.0.x, 7.1.1.0–7.1.1.10, and 7.1.0.x. The connected sources describe an LDAP injection vulnerability that could be exploited by a malicious user to compromise the system. Affected component is LDAP handling in OneFS; the...