CVE-2020-5369

HIGH

Dell Emc Isilon Onefs - Incorrect Permission Assignment

Title source: rule

Description

Dell EMC Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 contain a privilege escalation vulnerability. An authenticated malicious user may exploit this vulnerability by using SyncIQ to gain unauthorized access to system management files.

References (1)

Core 1

Core References

Vendor Advisory x_refsource_misc

https://www.dell.com/support/security/en-us/details/546160/DSA-2020-142-Dell-EMC-Isilon-OneFS-and-Dell-EMC-PowerScale-OneFS-Security-Update-for-SyncIQ-Privi

Scores

CVSS v3 8.8

EPSS 0.0046

EPSS Percentile 64.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-732

Status published

Products (2)

dell/emc_isilon_onefs 8.2.2

dell/emc_powerscale_onefs 9.0.0

Published Sep 02, 2020

Tracked Since Feb 18, 2026