CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2018-11071 – DSA-2018-147: Dell EMC Isilon OneFS and IsilonSD Edge Remote Process Crash Vulnerability
https://notcve.org/view.php?id=CVE-2018-11071
07 Sep 2018 — Dell EMC Isilon OneFS versions 7.1.1.x, 7.2.1.x, 8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x prior to 8.1.2 and Dell EMC IsilonSD Edge versions 8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x prior to 8.1.2 contain a remote process crash vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to crash the isi_drive_d process by sending specially crafted input data to the affected system. This process will then be restarted. Dell EMC Isilon OneFS en versiones 7.1.1.x, 7.2.1.x, 8.0.0.x, 8.0.1... • https://seclists.org/fulldisclosure/2018/Sep/19 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2017-14387 – EMC Isilon OneFS NFS Export Security Setting Fallback
https://notcve.org/view.php?id=CVE-2017-14387
20 Dec 2017 — The NFS service in EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, and 8.0.0.0 - 8.0.0.4 maintains default NFS export settings (including the NFS export security flavor for authentication) that can be leveraged by current and future NFS exports. This NFS service contained a flaw that did not properly propagate changes made to the default security flavor to all new and existing NFS exports that are configured to use default NFS export settings and that are mounted after those changes are made. This flaw may pot... • http://seclists.org/fulldisclosure/2017/Dec/78 •
CVSS: 7.2EPSS: 0%CPEs: 26EXPL: 0CVE-2017-14380 – EMC Isilon OneFS Privilege Escalation
https://notcve.org/view.php?id=CVE-2017-14380
13 Dec 2017 — In EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, 8.0.0.0 - 8.0.0.4, 7.2.1.0 - 7.2.1.5, 7.2.0.x, and 7.1.1.x, a malicious compliance admin (compadmin) account user could exploit a vulnerability in isi_get_itrace or isi_get_profile maintenance scripts to run any shell script as system root on a cluster in compliance mode. This could potentially lead to an elevation of privilege for the compadmin user and violate compliance mode. En EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, 8.0.0.0 - 8.0.0.4, 7.2.1.0 - 7.2.1... • http://seclists.org/fulldisclosure/2017/Dec/41 • CWE-269: Improper Privilege Management •
CVSS: 6.1EPSS: 0%CPEs: 10EXPL: 0CVE-2017-8024 – EMC Isilon OneFS Cross Site Scripting
https://notcve.org/view.php?id=CVE-2017-8024
16 Oct 2017 — EMC Isilon OneFS (versions prior to 8.1.0.1, versions prior to 8.0.1.2, versions prior to 8.0.0.6, version 7.2.1.x) is impacted by a reflected cross-site scripting vulnerability that may potentially be exploited by malicious users to compromise the affected system. EMC Isilon OneFS (versiones anteriores a la 8.1.0.1, 8.0.1.2 y 8.0.0.6 y en versiones 7.2.1.x) se ha visto afectado por una vulnerabilidad de Cross-Site Scripting reflejado que podría ser explotada por usuarios maliciosos para comprometer el sist... • http://seclists.org/fulldisclosure/2017/Oct/34 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.0EPSS: 0%CPEs: 30EXPL: 0CVE-2017-4988 – EMC Isilon OneFS Privilege Escalation
https://notcve.org/view.php?id=CVE-2017-4988
21 Jun 2017 — EMC Isilon OneFS 8.0.1.0, 8.0.0 - 8.0.0.3, 7.2.0 - 7.2.1.4, 7.1.x is affected by a privilege escalation vulnerability that could potentially be exploited by attackers to compromise the affected system. EMC Isilon OneFS en versiones 8.0.1.0, 8.0.0 - 8.0.0.3, 7.2.0 - 7.2.1.4 y 7.1.x se ha visto afectado por una vulnerabilidad de escalado de privilegios que podría ser explotada por atacantes para comprometer el sistema afectado. EMC Isilon OneFS is affected by a privilege escalation vulnerability that could po... • http://www.securityfocus.com/archive/1/540755/30/0/threaded •
CVSS: 7.1EPSS: 0%CPEs: 11EXPL: 0CVE-2017-4979 – EMC Isilon OneFS NFS Export Upgrade
https://notcve.org/view.php?id=CVE-2017-4979
11 May 2017 — EMC Isilon OneFS 8.0.1.0, OneFS 8.0.0.0 - 8.0.0.2, OneFS 7.2.1.0 - 7.2.1.3, and OneFS 7.2.0.x is affected by an NFS export vulnerability. Under certain conditions, after upgrading a cluster from OneFS 7.1.1.x or earlier, users may have unexpected levels of access to some NFS exports. Isilon OneFS versión 8.0.1.0, OneFS versiones 8.0.0.0 - 8.0.0.2, OneFS versiones 7.2.1.0 - 7.2.1.3 y OneFS versiones 7.2.0.x de EMC, están afectadas por una vulnerabilidad de exportación de NFS. Bajo ciertas condiciones, despué... • http://www.securityfocus.com/archive/1/540551/30/0/threaded •