CVE-2016-9867
HIGHEMC ScaleIO < 2.0.1.1 - Privilege Escalation via SCINI Driver Kernel Memory Modification
Title source: llmDescription
An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A low-privileged local attacker may be able to modify the kernel memory in the SCINI driver and may achieve code execution to escalate privileges to root on ScaleIO Data Client (SDC) servers.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/95300
Third Party Advisory, VDB Entry x_refsource_confirm
http://www.securityfocus.com/archive/1/539983/30/0/threaded
Scores
CVSS v3
8.8
EPSS
0.0008
EPSS Percentile
24.0%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Details
CWE
CWE-264
Status
published
Products (2)
emc/scaleio
< 2.0.1.0
n/a/EMC ScaleIO versions before 2.0.1.1
EMC ScaleIO versions before 2.0.1.1
Published
Jan 06, 2017
Tracked Since
Feb 18, 2026