CVE-2015-6848Improper Access Control in Isilon Onefs

CWE-284Improper Access Control3 documents3 sources
Severity
8.5HIGHNVD
EPSS
0.6%
top 29.83%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
EMC Isilon Onefs
Timeline
PublishedNov 27
Latest updateMay 17

Description

EMC Isilon OneFS 7.1.x before 7.1.1.5, 7.2.0.x before 7.2.0.3, and 7.2.1.x before 7.2.1.1, when the RFC 2307 feature is configured but SFU is not universally present, allows remote authenticated AD users to obtain root privileges via unspecified vectors.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 6.8 | Impact: 10.0

Affected Packages1 packages

NVDemc/isilon_onefs7.1.1.0+8

🔴Vulnerability Details

2
GHSA
GHSA-wjmq-cvwc-vrvq: EMC Isilon OneFS 72022-05-17
CVEList
CVE-2015-6848: EMC Isilon OneFS 72015-11-27
CVE-2015-6848 — Improper Access Control in Isilon Onefs | cvebase