Emc Scaleio vulnerabilities
5 known vulnerabilities affecting emc/scaleio.
Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2017-8020P2CRITICALCVSS 9.8v2.0.1.0v2.0.1.1+2 more2017-11-28
CVE-2017-8020 [CRITICAL] CWE-119 CVE-2017-8020: An issue was discovered in EMC ScaleIO 2.0.1.x. A buffer overflow vulnerability in the SDBG service
An issue was discovered in EMC ScaleIO 2.0.1.x. A buffer overflow vulnerability in the SDBG service may potentially allow a remote unauthenticated attacker to execute arbitrary commands with root privileges on an affected server.
nvd
CVE-2016-9867P3HIGHCVSS 8.8≤ 2.0.1.02017-01-06
CVE-2016-9867 [HIGH] CWE-264 CVE-2016-9867: An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A low-privileged local attacker may
An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A low-privileged local attacker may be able to modify the kernel memory in the SCINI driver and may achieve code execution to escalate privileges to root on ScaleIO Data Client (SDC) servers.
nvd
CVE-2017-8019P3HIGHCVSS 7.5v2.0.1.0v2.0.1.1+2 more2017-11-28
CVE-2017-8019 [HIGH] CWE-20 CVE-2017-8019: An issue was discovered in EMC ScaleIO 2.0.1.x. A vulnerability in message parsers (MDM, SDS, and LI
An issue was discovered in EMC ScaleIO 2.0.1.x. A vulnerability in message parsers (MDM, SDS, and LIA) could potentially allow an unauthenticated remote attacker to send specifically crafted packets to stop ScaleIO services and cause a denial of service situation.
nvd
CVE-2016-9869P4MEDIUMCVSS 5.5≤ 2.0.1.02017-01-06
CVE-2016-9869 [MEDIUM] CWE-275 CVE-2016-9869: An issue was discovered in EMC ScaleIO versions before 2.0.1.1. Incorrect permissions on the SCINI d
An issue was discovered in EMC ScaleIO versions before 2.0.1.1. Incorrect permissions on the SCINI driver may allow a low-privileged local attacker to modify the configuration and render the ScaleIO Data Client (SDC) server unavailable.
nvd
CVE-2016-9868P4MEDIUMCVSS 5.5≤ 2.0.1.02017-01-06
CVE-2016-9868 [MEDIUM] CWE-254 CVE-2016-9868: An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A low-privileged local attacker may
An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A low-privileged local attacker may cause a denial-of-service by generating a kernel panic in the SCINI driver using IOCTL calls which may render the ScaleIO Data Client (SDC) server unavailable until the next reboot.
nvd