PT-2017-2405 · Emc · Emc Isilon Onefs

Published

2017-01-23

Updated

2017-01-24

CVE-2016-9870

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions EMC Isilon OneFS versions 7.1.0.x through 7.2.1.2 EMC Isilon OneFS version 8.0.0.0

Description The issue is caused by the failure to neutralize special elements in LDAP requests. This could allow a local attacker to gain unauthorized access to the system.

Recommendations For EMC Isilon OneFS versions 7.1.0.x through 7.2.1.2, consider restricting access to the LDAP functionality until a patch is available. For EMC Isilon OneFS version 8.0.0.0, consider restricting access to the LDAP functionality until a patch is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-90

Related Identifiers

BDU:2017-01608

CVE-2016-9870

Affected Products

Emc Isilon Onefs

PT-2017-2405 · Emc · Emc Isilon Onefs

CVE-2016-9870

Weakness Enumeration

Related Identifiers

Affected Products

References · 5