exploitDog

CVE-2016-9867

Опубликовано: 06 янв. 2017

Источник: nvd

CVSS3: 8.8

CVSS2: 4.6

EPSS Низкий

Описание

An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A low-privileged local attacker may be able to modify the kernel memory in the SCINI driver and may achieve code execution to escalate privileges to root on ScaleIO Data Client (SDC) servers.

Ссылки

http://www.securityfocus.com/archive/1/539983/30/0/threaded
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/95300
http://www.securityfocus.com/archive/1/539983/30/0/threaded
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/95300

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:emc:scaleio:*:*:*:*:*:*:*:*

Версия до 2.0.1.0 (включая)

EPSS

Процентиль: 24%

0.00083

Низкий

8.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-cw38-5qv8-jjhq

CVSS3: 8.8

github

больше 3 лет назад

An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A low-privileged local attacker may be able to modify the kernel memory in the SCINI driver and may achieve code execution to escalate privileges to root on ScaleIO Data Client (SDC) servers.

EPSS

Процентиль: 24%

0.00083

Низкий

8.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-264