CVE-2016-9870

MEDIUM

EMC Isilon OneFS 7.1.0.x, 7.1.1.0-7.1.1.10, 7.2.0.x, 7.2.1.0-7.2.1.2, 8.0.0.0 - LDAP Injection

Title source: llm
STIX 2.1

Description

EMC Isilon OneFS 8.0.0.0, EMC Isilon OneFS 7.2.1.0 - 7.2.1.2, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, and EMC Isilon OneFS 7.1.0.x is affected by an LDAP injection vulnerability that could potentially be exploited by a malicious user to compromise the system.

References (2)

Core 2
Core References
Mitigation, Third Party Advisory, VDB Entry x_refsource_confirm
http://www.securityfocus.com/archive/1/540020/30/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/95626

Scores

CVSS v3 6.7
EPSS 0.0041
EPSS Percentile 32.6%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-90
Status published
Products (27)
emc/isilon_onefs 7.1.0.0
emc/isilon_onefs 7.1.0.1
emc/isilon_onefs 7.1.0.2
emc/isilon_onefs 7.1.0.3
emc/isilon_onefs 7.1.0.4
emc/isilon_onefs 7.1.0.5
emc/isilon_onefs 7.1.0.6
emc/isilon_onefs 7.1.1.0
emc/isilon_onefs 7.1.1.1
emc/isilon_onefs 7.1.1.2
... and 17 more
Published Jan 23, 2017
Tracked Since Feb 18, 2026