PT-2016-4461 · Emc · Isilonsd Edge Onefs+1
Publicado
2016-05-30
·
Atualizado
2017-08-08
·
CVE-2016-0907
CVSS v3.1
5.9
Média
| Vetor | AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
EMC Isilon OneFS versions 7.1.x through 7.2.x before 7.2.1.3
EMC Isilon OneFS versions 8.0.x before 8.0.0.1
IsilonSD Edge OneFS versions 8.0.x before 8.0.0.1
Description
The issue allows man-in-the-middle attackers to spoof SMB clients by modifying the client-server data stream because it does not require SMB signing within a DCERPC session over ncacn np.
Recommendations
For EMC Isilon OneFS versions 7.1.x through 7.2.x before 7.2.1.3, update to version 7.2.1.3 or later.
For EMC Isilon OneFS versions 8.0.x before 8.0.0.1, update to version 8.0.0.1 or later.
For IsilonSD Edge OneFS versions 8.0.x before 8.0.0.1, update to version 8.0.0.1 or later.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Emc Isilon Onefs
Isilonsd Edge Onefs