CVE-2017-8001

Name of the Vulnerable Software and Affected Versions EMC ScaleIO version 2.0.1.x

Description An issue was discovered where a support script in a Linux environment saves the credentials of the ScaleIO MDM user in clear text in temporary log files. These temporary files may be read by an unprivileged user with access to the server to recover exposed credentials.

Recommendations For EMC ScaleIO version 2.0.1.x, consider restricting access to the temporary log files generated by the support script to prevent unauthorized users from reading the exposed credentials. As a temporary workaround, restrict access to the server where the script was executed to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.