HIGH🇬🇧 English

CVE-2020-5353

CVSS 8.8v3.1pub. 2021-07-29upd. 2024-11-21

The Dell Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 default configuration for Network File System (NFS) allows access to an 'admin' home directory. An attacker may leverage a spoofed Unique Identifier (UID) over NFS to rewrite sensitive files to gain administrative access to the system.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Dell Emc Isilon Onefs

    APP
    Dell
    ≤ 8.2.2
  • Dell Emc Powerscale Onefs

    OS
    Dell
    9.0.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2022-26851CRITICAL9.1ten sam produkt

Dell PowerScale OneFS, 8.2.2-9.3.x, contains a predictable file name from observable state vulnerability. An u...

CVE-2021-21502CRITICAL9.8ten sam produkt

Dell PowerScale OneFS versions 8.1.0 – 9.1.0 contain a "use of SSH key past account expiration" vulnerability....

CVE-2020-5328CRITICAL9.8ten sam produkt

Dell EMC Isilon OneFS versions prior to 8.2.0 contain an unauthorized access vulnerability due to a lack of th...

CVE-2023-25941HIGH7.8ten sam produkt

Dell PowerScale OneFS versions 8.2.x-9.5.0.x contain an elevation of privilege vulnerability. A low-privilege...

CVE-2022-33934HIGH7.7ten sam produkt

Dell PowerScale OneFS, versions 8.2.x through 9.4.x contain multiple stored cross-site scripting vulnerabilit...