Описание
Dell EMC Isilon OneFS versions prior to 8.2.0 contain an unauthorized access vulnerability due to a lack of thorough authorization checks when SyncIQ is licensed, but encrypted syncs are not marked as required. When this happens, loss of control of the cluster can occur.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 8.2.0 (исключая)
cpe:2.3:a:dell:emc_isilon_onefs:*:*:*:*:*:*:*:*
EPSS
Процентиль: 60%
0.00391
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-306
CWE-306
Связанные уязвимости
github
больше 3 лет назад
Dell EMC Isilon OneFS versions prior to 8.2.0 contain an unauthorized access vulnerability due to a lack of thorough authorization checks when SyncIQ is licensed, but encrypted syncs are not marked as required. When this happens, loss of control of the cluster can occur.
EPSS
Процентиль: 60%
0.00391
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-306
CWE-306