CVE-2020-5353

8.8HIGH

Key Information:

Vendor: Dell
Status: Isilon Onefs
Vendor: CVE Published:; 29 July 2021

Summary

The Dell Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 default configuration for Network File System (NFS) allows access to an 'admin' home directory. An attacker may leverage a spoofed Unique Identifier (UID) over NFS to rewrite sensitive files to gain administrative access to the system.

Affected Version(s)

Isilon OneFS < unspecified

References

https://support.emc.com/kb/542721

x_refsource_MISC

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 29, 2021
Vulnerability Reserved
Jan 3, 2020