Denial of Service Vulnerability in Dell EMC Isilon OneFS Product
CVE-2020-5347

5.3MEDIUM

Key Information:

Vendor: Dell
Status: Isilon Onefs
Vendor: CVE Published:; 4 April 2020

Summary

The Dell EMC Isilon OneFS software versions up to and including 8.2.2 are prone to a denial of service vulnerability in the SmartConnect DNS feature. This vulnerability could be exploited by causing an error condition that leads to a looping CPU usage scenario, which in turn may prevent SmartConnect from responding to DNS queries effectively. This could disrupt normal service availability, potentially affecting operations reliant on DNS resolution.

Affected Version(s)

Isilon OneFS < 8.2.2

References

https://www.dell.com/support/security/en-us/details/54219...

x_refsource_MISC

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 4, 2020
Vulnerability Reserved
Jan 3, 2020