PT-2017-16248 · Emc · Emc Vnx1+2

Publicado

2017-06-19

Atualizado

2017-06-29

CVE-2017-4987

CVSS v2.0

4.4

Média

Vetor

AV:L/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions EMC VNX2 versions prior to 8.1.9.211 EMC VNX1 versions prior to 7.1.80.8

Description A local authenticated user can load a maliciously crafted file in the search path, potentially allowing the attacker to execute arbitrary code on the targeted VNX Control Station system. This is due to an uncontrolled search path issue.

Recommendations For EMC VNX2 versions prior to 8.1.9.211, update to version 8.1.9.211 or later to resolve the issue. For EMC VNX1 versions prior to 7.1.80.8, update to version 7.1.80.8 or later to resolve the issue.

Correção

Uncontrolled Search Path Element

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-427

Identificadores relacionados

CVE-2017-4987

Produtos afetados

Emc Vnx1

Emc Vnx2

Vnx Control Station

PT-2017-16248 · Emc · Emc Vnx1+2

CVE-2017-4987

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3