CVE-2017-14387Isilon Onefs vulnerability

3 documents3 sources
Severity
6.5MEDIUMNVD
EPSS
0.3%
top 46.70%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
EMC Isilon Onefs
Timeline
PublishedDec 20
Latest updateMay 13

Description

The NFS service in EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, and 8.0.0.0 - 8.0.0.4 maintains default NFS export settings (including the NFS export security flavor for authentication) that can be leveraged by current and future NFS exports. This NFS service contained a flaw that did not properly propagate changes made to the default security flavor to all new and existing NFS exports that are configured to use default NFS export settings and that are mounted after those changes are made. This

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:NExploitability: 3.9 | Impact: 2.5

Affected Packages1 packages

NVDemc/isilon_onefs8 versions+7

🔴Vulnerability Details

2
GHSA
GHSA-c7vw-9fhg-crj3: The NFS service in EMC Isilon OneFS 82022-05-13
CVEList
CVE-2017-14387: The NFS service in EMC Isilon OneFS 82017-12-20
CVE-2017-14387 — EMC Isilon Onefs vulnerability | cvebase