Описание
The Dell Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 default configuration for Network File System (NFS) allows access to an 'admin' home directory. An attacker may leverage a spoofed Unique Identifier (UID) over NFS to rewrite sensitive files to gain administrative access to the system.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 8.2.2 (включая)
Одно из
cpe:2.3:a:dell:emc_isilon_onefs:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:emc_powerscale_onefs:9.0.0:*:*:*:*:*:*:*
EPSS
Процентиль: 56%
0.00336
Низкий
8.8 High
CVSS3
9 Critical
CVSS2
Дефекты
CWE-276
CWE-276
Связанные уязвимости
github
больше 3 лет назад
The Dell Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 default configuration for Network File System (NFS) allows access to an 'admin' home directory. An attacker may leverage a spoofed Unique Identifier (UID) over NFS to rewrite sensitive files to gain administrative access to the system.
EPSS
Процентиль: 56%
0.00336
Низкий
8.8 High
CVSS3
9 Critical
CVSS2
Дефекты
CWE-276
CWE-276