PT-2017-2405 · Emc · Emc Isilon Onefs

Publicado

2017-01-23

Atualizado

2017-01-24

CVE-2016-9870

CVSS v2.0

7.2

Alta

Vetor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions EMC Isilon OneFS versions 7.1.0.x through 7.2.1.2 EMC Isilon OneFS version 8.0.0.0

Description The issue is caused by the failure to neutralize special elements in LDAP requests. This could allow a local attacker to gain unauthorized access to the system.

Recommendations For EMC Isilon OneFS versions 7.1.0.x through 7.2.1.2, consider restricting access to the LDAP functionality until a patch is available. For EMC Isilon OneFS version 8.0.0.0, consider restricting access to the LDAP functionality until a patch is available.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-90

Identificadores relacionados

BDU:2017-01608

CVE-2016-9870

Produtos afetados

Emc Isilon Onefs

PT-2017-2405 · Emc · Emc Isilon Onefs

CVE-2016-9870

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5