CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2017-8019
https://notcve.org/view.php?id=CVE-2017-8019
An issue was discovered in EMC ScaleIO 2.0.1.x. A vulnerability in message parsers (MDM, SDS, and LIA) could potentially allow an unauthenticated remote attacker to send specifically crafted packets to stop ScaleIO services and cause a denial of service situation. Se ha descubierto un problema en EMC ScaleIO 2.0.1.x. Una vulnerabilidad en los analizadores sintácticos de mensajes (MDM, SDS y LIA) podría permitir que un atacante remoto no autenticado envíe paquetes especialmente manipulados para detener los servicios de ScaleIO y provocar una situación de denegación de servicio (DoS). • http://seclists.org/fulldisclosure/2017/Nov/35 http://www.securityfocus.com/bid/101991 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2017-8020
https://notcve.org/view.php?id=CVE-2017-8020
An issue was discovered in EMC ScaleIO 2.0.1.x. A buffer overflow vulnerability in the SDBG service may potentially allow a remote unauthenticated attacker to execute arbitrary commands with root privileges on an affected server. Se ha descubierto un problema en EMC ScaleIO 2.0.1.x. Una vulnerabilidad en el servicio SDBG podría permitir que un atacante remoto no autenticado ejecute comandos arbitrarios con privilegios root en un servidor afectado. • http://seclists.org/fulldisclosure/2017/Nov/35 http://www.securityfocus.com/bid/101995 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •