Vulnerabilities > EMC > Isilon Onefs > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-09-18 CVE-2018-11071 Improper Input Validation vulnerability in EMC Isilon Onefs and Isilonsd Edge
Dell EMC Isilon OneFS versions 7.1.1.x, 7.2.1.x, 8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x prior to 8.1.2 and Dell EMC IsilonSD Edge versions 8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x prior to 8.1.2 contain a remote process crash vulnerability.
network
low complexity
emc CWE-20
5.0
5.0
2017-12-20 CVE-2017-14387 Unspecified vulnerability in EMC Isilon Onefs
The NFS service in EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, and 8.0.0.0 - 8.0.0.4 maintains default NFS export settings (including the NFS export security flavor for authentication) that can be leveraged by current and future NFS exports.
network
low complexity
emc
6.4
6.4
2017-10-18 CVE-2017-8024 Cross-site Scripting vulnerability in EMC Isilon Onefs
EMC Isilon OneFS (versions prior to 8.1.0.1, versions prior to 8.0.1.2, versions prior to 8.0.0.6, version 7.2.1.x) is impacted by a reflected cross-site scripting vulnerability that may potentially be exploited by malicious users to compromise the affected system.
network
emc CWE-79
4.3
4.3
2017-05-19 CVE-2017-4979 Remote Privilege Escalation vulnerability in EMC Isilon OneFS
EMC Isilon OneFS 8.0.1.0, OneFS 8.0.0.0 - 8.0.0.2, OneFS 7.2.1.0 - 7.2.1.3, and OneFS 7.2.0.x is affected by an NFS export vulnerability.
network
high complexity
emc
4.6
4.6
2017-03-29 CVE-2017-4980 Path Traversal vulnerability in EMC Isilon Onefs
EMC Isilon OneFS is affected by a path traversal vulnerability that may potentially be exploited by attackers to compromise the affected system.
network
low complexity
emc CWE-22
5.0
5.0
2016-06-04 CVE-2016-0908 Permissions, Privileges, and Access Controls vulnerability in EMC Isilon Onefs
EMC Isilon OneFS 7.1.x before 7.1.1.9 and 7.2.x before 7.2.1.2 allows local users to obtain root shell access by leveraging administrative privileges.
local
low complexity
emc CWE-264
6.8
6.8
2016-05-30 CVE-2016-0907 7PK - Security Features vulnerability in EMC Isilon Onefs and Isilonsd Edge Onefs
EMC Isilon OneFS 7.1.x and 7.2.x before 7.2.1.3 and 8.0.x before 8.0.0.1, and IsilonSD Edge OneFS 8.0.x before 8.0.0.1, does not require SMB signing within a DCERPC session over ncacn_np, which allows man-in-the-middle attackers to spoof SMB clients by modifying the client-server data stream, a similar issue to CVE-2016-2115.
network
emc CWE-254
4.3
4.3