CVE-2016-9870

MEDIUM

EMC Isilon Onefs - LDAP Injection

Title source: rule

Description

EMC Isilon OneFS 8.0.0.0, EMC Isilon OneFS 7.2.1.0 - 7.2.1.2, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, and EMC Isilon OneFS 7.1.0.x is affected by an LDAP injection vulnerability that could potentially be exploited by a malicious user to compromise the system.

References (2)

[Mitigation, Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/540020/30/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/95626

Scores

CVSS v3 6.7

EPSS 0.0007

EPSS Percentile 21.6%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-90

Status published

Products (27)

emc/isilon_onefs 7.1.0.0

emc/isilon_onefs 7.1.0.1

emc/isilon_onefs 7.1.0.2

emc/isilon_onefs 7.1.0.3

emc/isilon_onefs 7.1.0.4

emc/isilon_onefs 7.1.0.5

emc/isilon_onefs 7.1.0.6

emc/isilon_onefs 7.1.1.0

emc/isilon_onefs 7.1.1.1

emc/isilon_onefs 7.1.1.2

... and 17 more

Published Jan 23, 2017

Tracked Since Feb 18, 2026