PT-2015-3216 · Emc · Isilon Onefs

Publicado

2015-12-21

Atualizado

2016-11-28

CVE-2015-4545

CVSS v2.0

9.0

Alta

Vetor

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions EMC Isilon OneFS versions 7.1 before 7.1.1.8 EMC Isilon OneFS versions 7.2.0 before 7.2.0.4 EMC Isilon OneFS versions 7.2.1 before 7.2.1.1

Description The issue is related to insufficient access control in the Isilon OneFS operating system. It allows remote authenticated administrators to bypass a SmartLock root-login restriction. This can be achieved by creating a root account and establishing a login session.

Recommendations For versions 7.1 before 7.1.1.8, update to version 7.1.1.8 or later. For versions 7.2.0 before 7.2.0.4, update to version 7.2.0.4 or later. For versions 7.2.1 before 7.2.1.1, update to version 7.2.1.1 or later.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264

Identificadores relacionados

BDU:2016-00962

CVE-2015-4545

Produtos afetados

Isilon Onefs

PT-2015-3216 · Emc · Isilon Onefs

CVE-2015-4545

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4