Vulnerabilities > CVE-2016-9868 - 7PK - Security Features vulnerability in EMC Scaleio 2.0.1.0

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

emc

CWE-254

NVD

Published: 2017-01-06

Updated: 2017-01-11

Summary

An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A low-privileged local attacker may cause a denial-of-service by generating a kernel panic in the SCINI driver using IOCTL calls which may render the ScaleIO Data Client (SDC) server unavailable until the next reboot.

Vulnerable Configurations

Part	Description	Count
Application	Emc EMC Scaleio 2.0.1.0	1

Common Weakness Enumeration (CWE)

CWE-254 - 7PK - Security Features

References

http://www.securityfocus.com/archive/1/539983/30/0/threaded
http://www.securityfocus.com/bid/95301