CVE-2018-11071
HIGHDell EMC Isilon OneFS 7.1.1.0-7.1.1.10 and 7.2.1.x-8.1.1.x - Unauthenticated Denial of Service via Crafted Input Data
Title source: llmDescription
Dell EMC Isilon OneFS versions 7.1.1.x, 7.2.1.x, 8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x prior to 8.1.2 and Dell EMC IsilonSD Edge versions 8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x prior to 8.1.2 contain a remote process crash vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to crash the isi_drive_d process by sending specially crafted input data to the affected system. This process will then be restarted.
References (1)
Core 1
Core References
Mailing List, Third Party Advisory mailing-list
x_refsource_fulldisc
https://seclists.org/fulldisclosure/2018/Sep/19
Scores
CVSS v3
7.5
EPSS
0.0042
EPSS Percentile
62.1%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-20
Status
published
Products (2)
emc/isilon_onefs
7.1.1.0 - 7.1.1.11
emc/isilonsd_edge
8.0.0.0 - 8.0.0.7
Published
Sep 18, 2018
Tracked Since
Feb 18, 2026