Vulnerabilities > CVE-2016-9868 - 7PK - Security Features vulnerability in EMC Scaleio

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

local

low complexity

emc

CWE-254

NVD

Published: 2017-01-06

Updated: 2017-01-11

Summary

An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A low-privileged local attacker may cause a denial-of-service by generating a kernel panic in the SCINI driver using IOCTL calls which may render the ScaleIO Data Client (SDC) server unavailable until the next reboot.

Vulnerable Configurations

Part	Description	Count
Application	Emc EMC Scaleio *	1

Common Weakness Enumeration (CWE)

CWE-254 - 7PK - Security Features

References

http://www.securityfocus.com/archive/1/539983/30/0/threaded
http://www.securityfocus.com/bid/95301