Vulnerabilities > EMC > Isilon Onefs

DATE CVE VULNERABILITY TITLE RISK
2016-05-30 CVE-2016-0907 7PK - Security Features vulnerability in EMC Isilon Onefs and Isilonsd Edge Onefs
EMC Isilon OneFS 7.1.x and 7.2.x before 7.2.1.3 and 8.0.x before 8.0.0.1, and IsilonSD Edge OneFS 8.0.x before 8.0.0.1, does not require SMB signing within a DCERPC session over ncacn_np, which allows man-in-the-middle attackers to spoof SMB clients by modifying the client-server data stream, a similar issue to CVE-2016-2115.
network
high complexity
emc CWE-254
5.9
5.9
2015-12-21 CVE-2015-4545 Permissions, Privileges, and Access Controls vulnerability in EMC Isilon Onefs
EMC Isilon OneFS 7.1 before 7.1.1.8, 7.2.0 before 7.2.0.4, and 7.2.1 before 7.2.1.1 allows remote authenticated administrators to bypass a SmartLock root-login restriction by creating a root account and establishing a login session.
network
low complexity
emc CWE-264
8.0
8.0