PT-2018-11031 · Dell Emc · Isilon Onefs
Ivan Huertas
+1
·
Published
2018-03-26
·
Updated
2018-04-19
·
CVE-2018-1213
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Dell EMC Isilon OneFS versions 7.1.1.11
Dell EMC Isilon OneFS versions 7.2.1.x
Dell EMC Isilon OneFS versions 8.0.0.0 through 8.0.0.6
Dell EMC Isilon OneFS versions 8.0.1.0 through 8.0.1.2
Dell EMC Isilon OneFS versions 8.1.0.0 through 8.1.0.1
Description
The issue is a cross-site request forgery vulnerability that could allow a malicious user to send unauthorized requests to the server on behalf of authenticated users of the application.
Recommendations
For version 7.1.1.11, update to a version that is not affected by this issue.
For versions 7.2.1.x, update to a version that is not affected by this issue.
For versions 8.0.0.0 through 8.0.0.6, update to a version that is not affected by this issue.
For versions 8.0.1.0 through 8.0.1.2, update to a version that is not affected by this issue.
For versions 8.1.0.0 through 8.1.0.1, update to a version that is not affected by this issue.
Exploit
Fix
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Isilon Onefs