PT-2017-16242 · Emc Isilon · Onefs

Published

2017-05-19

Updated

2019-10-03

CVE-2017-4979

CVSS v3.1

7.1

High

Vector

AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions EMC Isilon OneFS versions 7.2.0.x through 7.2.1.3 EMC Isilon OneFS versions 8.0.0.0 through 8.0.1.0

Description The issue concerns an NFS export vulnerability. After upgrading a cluster from OneFS 7.1.1.x or earlier, users may have unexpected levels of access to some NFS exports under certain conditions.

Recommendations For OneFS versions 7.2.0.x through 7.2.1.3, update to a version that is not affected by this issue. For OneFS versions 8.0.0.0 through 8.0.1.0, update to a version that is not affected by this issue. As a temporary workaround, consider restricting access to the affected NFS exports until a patch is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2017-4979

Affected Products

Onefs

PT-2017-16242 · Emc Isilon · Onefs

CVE-2017-4979

Related Identifiers

Affected Products

References · 3