PT-2015-7388 · Emc · Emc Isilon Onefs

Published

2015-11-27

Updated

2015-11-27

CVE-2015-6848

CVSS v2.0

8.5

High

Vector

AV:N/AC:M/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions EMC Isilon OneFS versions 7.1.x through 7.1.1.5 EMC Isilon OneFS versions 7.2.0.x through 7.2.0.3 EMC Isilon OneFS versions 7.2.1.x through 7.2.1.1

Description The issue allows remote authenticated AD users to obtain root privileges via unspecified vectors when the RFC 2307 feature is configured but SFU is not universally present.

Recommendations For versions 7.1.x through 7.1.1.5, update to version 7.1.1.5 or later. For versions 7.2.0.x through 7.2.0.3, update to version 7.2.0.3 or later. For versions 7.2.1.x through 7.2.1.1, update to version 7.2.1.1 or later.

Fix

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284

Related Identifiers

CVE-2015-6848

Affected Products

Emc Isilon Onefs

PT-2015-7388 · Emc · Emc Isilon Onefs

CVE-2015-6848

Weakness Enumeration

Related Identifiers

Affected Products

References · 2