PT-2018-11031 · Dell Emc · Isilon Onefs
Ivan Huertas
+1
·
Publicado
2018-03-26
·
Atualizado
2018-04-19
·
CVE-2018-1213
CVSS v3.1
8.8
Alta
| Vetor | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Dell EMC Isilon OneFS versions 7.1.1.11
Dell EMC Isilon OneFS versions 7.2.1.x
Dell EMC Isilon OneFS versions 8.0.0.0 through 8.0.0.6
Dell EMC Isilon OneFS versions 8.0.1.0 through 8.0.1.2
Dell EMC Isilon OneFS versions 8.1.0.0 through 8.1.0.1
Description
The issue is a cross-site request forgery vulnerability that could allow a malicious user to send unauthorized requests to the server on behalf of authenticated users of the application.
Recommendations
For version 7.1.1.11, update to a version that is not affected by this issue.
For versions 7.2.1.x, update to a version that is not affected by this issue.
For versions 8.0.0.0 through 8.0.0.6, update to a version that is not affected by this issue.
For versions 8.0.1.0 through 8.0.1.2, update to a version that is not affected by this issue.
For versions 8.1.0.0 through 8.1.0.1, update to a version that is not affected by this issue.
Exploit
Correção
CSRF
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Isilon Onefs