CVE-2015-6848
Severity Score
8.5
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
EMC Isilon OneFS 7.1.x before 7.1.1.5, 7.2.0.x before 7.2.0.3, and 7.2.1.x before 7.2.1.1, when the RFC 2307 feature is configured but SFU is not universally present, allows remote authenticated AD users to obtain root privileges via unspecified vectors.
EMC Isilon OneFS 7.1.x en versiones anteriores a 7.1.1.5, 7.2.0.x en versiones anteriores a 7.2.0.3 y 7.2.1.x en versiones anteriores a 7.2.1.1, cuando la funcionalidad RFC 2307 es configurada pero SFU no está presente universalmente, permite a usuarios AD remotos autenticados obtener privilegios root a través de vectores no especificados.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2015-09-10 CVE Reserved
- 2015-11-25 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-284: Improper Access Control
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| http://seclists.org/bugtraq/2015/Nov/121 | Mailing List |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Emc Search vendor "Emc" | Isilon Onefs Search vendor "Emc" for product "Isilon Onefs" | <= 7.1.1.0 Search vendor "Emc" for product "Isilon Onefs" and version " <= 7.1.1.0" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Isilon Onefs Search vendor "Emc" for product "Isilon Onefs" | 7.1.1.1 Search vendor "Emc" for product "Isilon Onefs" and version "7.1.1.1" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Isilon Onefs Search vendor "Emc" for product "Isilon Onefs" | 7.1.1.2 Search vendor "Emc" for product "Isilon Onefs" and version "7.1.1.2" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Isilon Onefs Search vendor "Emc" for product "Isilon Onefs" | 7.1.1.3 Search vendor "Emc" for product "Isilon Onefs" and version "7.1.1.3" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Isilon Onefs Search vendor "Emc" for product "Isilon Onefs" | 7.1.1.4 Search vendor "Emc" for product "Isilon Onefs" and version "7.1.1.4" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Isilon Onefs Search vendor "Emc" for product "Isilon Onefs" | 7.2.0.0 Search vendor "Emc" for product "Isilon Onefs" and version "7.2.0.0" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Isilon Onefs Search vendor "Emc" for product "Isilon Onefs" | 7.2.0.1 Search vendor "Emc" for product "Isilon Onefs" and version "7.2.0.1" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Isilon Onefs Search vendor "Emc" for product "Isilon Onefs" | 7.2.0.2 Search vendor "Emc" for product "Isilon Onefs" and version "7.2.0.2" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Isilon Onefs Search vendor "Emc" for product "Isilon Onefs" | 7.2.1.0 Search vendor "Emc" for product "Isilon Onefs" and version "7.2.1.0" | - |
Affected
| ||||||