5 matches found
CVE-2016-9868
EMC ScaleIO is affected by CVE-2016-9868 due to a local denial-of-service vulnerability in the SCINI driver. The issue affects ScaleIO versions before 2.0.1.1 where a low-privileged local attacker can trigger IOCTL calls to the SCINI driver, causing a kernel panic and rendering the ScaleIO Data C...
CVE-2016-9869
CVE-2016-9869 affects EMC ScaleIO versions before 2.0.1.1. The issue is incorrect permissions on the SCINI driver, allowing a low-privileged local attacker to modify the configuration and render the ScaleIO Data Client (SDC) server unavailable (partial availability impact). The documented remedia...
CVE-2017-8019
CVE-2017-8019 affects EMC ScaleIO 2.0.1.x. A vulnerability in the message parsers used by MDM, SDS, and LIA could allow an unauthenticated remote attacker to send specially crafted packets to stop ScaleIO services, causing a denial-of-service. The issue is triggered by parsing crafted messages; n...
CVE-2016-9867
EMC ScaleIO (pre-2.0.1.1) contains a local privilege escalation in the SCINI kernel driver. A low-privilege local attacker can modify kernel memory in SCINI, potentially achieving code execution to escalate to root on ScaleIO Data Client (SDC) servers. Affected component: SCINI driver within EMC ...
CVE-2017-8020
CVE-2017-8020 affects EMC ScaleIO 2.0.1.x; a buffer overflow in the SDBG service may allow a remote unauthenticated attacker to execute arbitrary commands with root privileges on the affected server. Connected documents corroborate the product/version and root cause (buffer overflow in SDBG), and...