CVE-2015-4545 — Isilon Onefs vulnerability

CWE-2643 documents3 sources

Severity

8.0HIGHNVD

EPSS

0.3%

top 45.33%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

EMC Isilon Onefs

Timeline

PublishedDec 21

Latest updateMay 17

Description

EMC Isilon OneFS 7.1 before 7.1.1.8, 7.2.0 before 7.2.0.4, and 7.2.1 before 7.2.1.1 allows remote authenticated administrators to bypass a SmartLock root-login restriction by creating a root account and establishing a login session.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:HExploitability: 2.1 | Impact: 5.9

Affected Packages1 packages

▶NVDemc/isilon_onefs7.1.1.7+11

🔴Vulnerability Details

GHSA

GHSA-4f7m-gcp2-rqr8: EMC Isilon OneFS 7↗2022-05-17

▶

CVEList

CVE-2015-4545: EMC Isilon OneFS 7↗2015-12-21

▶