Vulnerabilities > Dell > EMC Isilon Onefs

DATE CVE VULNERABILITY TITLE RISK
2020-02-06 CVE-2020-5318 Incorrect Authorization vulnerability in Dell EMC Isilon Onefs
Dell EMC Isilon OneFS versions 8.1.2, 8.1.0.4, 8.1.0.3, and 8.0.0.7 contain a vulnerability in some configurations.
network
low complexity
dell CWE-863
7.5
2018-03-26 CVE-2018-1213 Cross-Site Request Forgery (CSRF) vulnerability in Dell EMC Isilon Onefs
Dell EMC Isilon OneFS versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 and 8.1.0.2 is affected by a cross-site request forgery vulnerability.
network
low complexity
dell CWE-352
8.8
2018-03-26 CVE-2018-1204 Path Traversal vulnerability in Dell EMC Isilon Onefs
Dell EMC Isilon OneFS versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 is affected by a path traversal vulnerability in the isi_phone_home tool.
local
low complexity
dell CWE-22
6.7
2018-03-26 CVE-2018-1203 Incorrect Permission Assignment for Critical Resource vulnerability in Dell EMC Isilon Onefs
In Dell EMC Isilon OneFS, the compadmin is able to run tcpdump binary with root privileges.
local
low complexity
dell CWE-732
6.7