CVE-2015-4525

Name of the Vulnerable Software and Affected Versions EMC Isilon OneFS versions 6.5.x.x through 7.1.1.x before 7.1.1.5 EMC Isilon OneFS versions 7.2.0.x before 7.2.0.2

Description The issue is related to the lack of input sanitization in the web administration interface of the Isilon OneFS operating system. This allows a remote attacker to execute arbitrary commands with root privileges. The log-gather implementation is specifically affected, enabling remote authenticated users to exploit the issue via unspecified vectors.

Recommendations For versions 6.5.x.x through 7.1.1.x before 7.1.1.5, update to version 7.1.1.5 or later. For versions 7.2.0.x before 7.2.0.2, update to version 7.2.0.2 or later.