CVSS: 6.1EPSS: 0%CPEs: 10EXPL: 0CVE-2017-8024 – EMC Isilon OneFS Cross Site Scripting
https://notcve.org/view.php?id=CVE-2017-8024
16 Oct 2017 — EMC Isilon OneFS (versions prior to 8.1.0.1, versions prior to 8.0.1.2, versions prior to 8.0.0.6, version 7.2.1.x) is impacted by a reflected cross-site scripting vulnerability that may potentially be exploited by malicious users to compromise the affected system. EMC Isilon OneFS (versiones anteriores a la 8.1.0.1, 8.0.1.2 y 8.0.0.6 y en versiones 7.2.1.x) se ha visto afectado por una vulnerabilidad de Cross-Site Scripting reflejado que podría ser explotada por usuarios maliciosos para comprometer el sist... • http://seclists.org/fulldisclosure/2017/Oct/34 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.0EPSS: 0%CPEs: 30EXPL: 0CVE-2017-4988 – EMC Isilon OneFS Privilege Escalation
https://notcve.org/view.php?id=CVE-2017-4988
21 Jun 2017 — EMC Isilon OneFS 8.0.1.0, 8.0.0 - 8.0.0.3, 7.2.0 - 7.2.1.4, 7.1.x is affected by a privilege escalation vulnerability that could potentially be exploited by attackers to compromise the affected system. EMC Isilon OneFS en versiones 8.0.1.0, 8.0.0 - 8.0.0.3, 7.2.0 - 7.2.1.4 y 7.1.x se ha visto afectado por una vulnerabilidad de escalado de privilegios que podría ser explotada por atacantes para comprometer el sistema afectado. EMC Isilon OneFS is affected by a privilege escalation vulnerability that could po... • http://www.securityfocus.com/archive/1/540755/30/0/threaded •
CVSS: 7.5EPSS: 2%CPEs: 24EXPL: 0CVE-2017-4980 – EMC Isilon OneFS Path Traversal
https://notcve.org/view.php?id=CVE-2017-4980
29 Mar 2017 — EMC Isilon OneFS is affected by a path traversal vulnerability that may potentially be exploited by attackers to compromise the affected system. Affected versions are 7.1.0 - 7.1.1.10, 7.2.0 - 7.2.1.3, and 8.0.0 - 8.0.0.1. EMC Isilon OneFS es afectada por una vulnerabilidad de recorrido transversal que potencialmente puede ser explotada por los atacantes para comprometer el sistema afectado. Las versiones afectadas son 7.1.0 - 7.1.1.10, 7.2.0 - 7.2.1.3 y 8.0.0 - 8.0.0.1. EMC Isilon OneFS versions 7.1.0 thro... • http://www.securityfocus.com/archive/1/540338/30/0/threaded • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.0EPSS: 0%CPEs: 23EXPL: 0CVE-2016-9871 – EMC Isilon OneFS Privilege Escalation
https://notcve.org/view.php?id=CVE-2016-9871
25 Jan 2017 — EMC Isilon OneFS 7.2.1.0 - 7.2.1.3, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, EMC Isilon OneFS 7.1.0.x is affected by a privilege escalation vulnerability that could potentially be exploited by attackers to compromise the affected system. EMC Isilon OneFS 7.1.0.x, EMC Isilon OneFS 7.1.0.10, EMC Isilon OneFS 7.1.0.x se ve afectada por una vulnerabilidad de escalada de privilegios que podría ser potencialmente explotada por los atacantes para comprometer el sistema afectado. EMC Isilon On... • http://www.securityfocus.com/archive/1/540050/30/0/threaded • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.2EPSS: 0%CPEs: 26EXPL: 0CVE-2016-9870 – EMC Isilon OneFS LDAP Injection
https://notcve.org/view.php?id=CVE-2016-9870
18 Jan 2017 — EMC Isilon OneFS 8.0.0.0, EMC Isilon OneFS 7.2.1.0 - 7.2.1.2, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, and EMC Isilon OneFS 7.1.0.x is affected by an LDAP injection vulnerability that could potentially be exploited by a malicious user to compromise the system. EMC Isilon OneFS 8.0.0.0, EMC Isilon OneFS 7.2.1.0 - 7.2.1.2, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10 y EMC Isilon OneFS 7.1.0.x está afectado por una vulnerabilidad de inyección LDAP que podría ser potencia... • http://www.securityfocus.com/archive/1/540020/30/0/threaded • CWE-90: Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') •
CVSS: 6.8EPSS: 0%CPEs: 24EXPL: 0CVE-2016-0908 – EMC Isilon OneFS Privilege Escalation
https://notcve.org/view.php?id=CVE-2016-0908
02 Jun 2016 — EMC Isilon OneFS 7.1.x before 7.1.1.9 and 7.2.x before 7.2.1.2 allows local users to obtain root shell access by leveraging administrative privileges. EMC Isilon OneFS 7.1.x en versiones anteriores a 7.1.1.9 y 7.2.x en versiones anteriores a 7.2.1.2 permite a usuarios locales obtener acceso root al shell aprovechando privilegios administrativos. EMC Isilon OneFS is affected by a privilege escalation vulnerability that may potentially be exploited by attackers to compromise the affected system. Versions 7.1.... • http://seclists.org/bugtraq/2016/Jun/13 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.9EPSS: 0%CPEs: 23EXPL: 0CVE-2016-0907 – EMC Isilon OneFS SMB Man-In-The-Middle
https://notcve.org/view.php?id=CVE-2016-0907
27 May 2016 — EMC Isilon OneFS 7.1.x and 7.2.x before 7.2.1.3 and 8.0.x before 8.0.0.1, and IsilonSD Edge OneFS 8.0.x before 8.0.0.1, does not require SMB signing within a DCERPC session over ncacn_np, which allows man-in-the-middle attackers to spoof SMB clients by modifying the client-server data stream, a similar issue to CVE-2016-2115. EMC Isilon OneFS 7.1.x y 7.2.x en versiones anteriores a 7.2.1.3 y 8.0.x en versiones anteriores a 8.0.0.1 e IsilonSD Edge OneFS 8.0.x en versiones anteriores a 8.0.0.1, no requiere la... • http://seclists.org/bugtraq/2016/May/117 • CWE-254: 7PK - Security Features •
CVSS: 9.0EPSS: 0%CPEs: 12EXPL: 0CVE-2015-4545 – EMC Isilon OneFS Security Privilege Escalation
https://notcve.org/view.php?id=CVE-2015-4545
17 Dec 2015 — EMC Isilon OneFS 7.1 before 7.1.1.8, 7.2.0 before 7.2.0.4, and 7.2.1 before 7.2.1.1 allows remote authenticated administrators to bypass a SmartLock root-login restriction by creating a root account and establishing a login session. EMC Isilon OneFS 7.1 en versiones anteriores a 7.1.1.8, 7.2.0 en versiones anteriores a 7.2.0.4 y 7.2.1 en versiones anteriores a 7.2.1.1 permite a administradores remotos autenticados eludir una restricción de inicio de sesión root mediante la creación de una cuenta root y el e... • http://seclists.org/bugtraq/2015/Dec/103 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 0CVE-2015-6848 – EMC Isilon OneFS Privilege Escalation
https://notcve.org/view.php?id=CVE-2015-6848
25 Nov 2015 — EMC Isilon OneFS 7.1.x before 7.1.1.5, 7.2.0.x before 7.2.0.3, and 7.2.1.x before 7.2.1.1, when the RFC 2307 feature is configured but SFU is not universally present, allows remote authenticated AD users to obtain root privileges via unspecified vectors. EMC Isilon OneFS 7.1.x en versiones anteriores a 7.1.1.5, 7.2.0.x en versiones anteriores a 7.2.0.3 y 7.2.1.x en versiones anteriores a 7.2.1.1, cuando la funcionalidad RFC 2307 es configurada pero SFU no está presente universalmente, permite a usuarios AD ... • http://seclists.org/bugtraq/2015/Nov/121 • CWE-284: Improper Access Control •
CVSS: 9.0EPSS: 0%CPEs: 7EXPL: 0CVE-2015-4525 – EMC Isilon OneFS Command Injection
https://notcve.org/view.php?id=CVE-2015-4525
02 Jul 2015 — The log-gather implementation in the web administration interface in EMC Isilon OneFS 6.5.x.x through 7.1.1.x before 7.1.1.5 and 7.2.0.x before 7.2.0.2 allows remote authenticated users to execute arbitrary commands with root privileges via unspecified vectors. La implementación log-gather en la interfaz de la administración web en EMC Isilon OneFS 6.5.x.x hasta 7.1.1.x anterior a 7.1.1.5 y 7.2.0.x anterior a 7.2.0.2 permite a usuarios remotos autenticados ejecutar comandos arbitrarios con privilegios root ... • http://seclists.org/bugtraq/2015/Jul/11 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •