CVE-2015-6848

Published: Nov 27, 2015Modified: May 6, 2026

8.5

Vector

AV:N/AC:M/Au:S/C:C/I:C/A:C

Exploitability: 6.8 / Impact: 10.0

Source: NVD

Description

EMC Isilon OneFS 7.1.x before 7.1.1.5, 7.2.0.x before 7.2.0.3, and 7.2.1.x before 7.2.1.1, when the RFC 2307 feature is configured but SFU is not universally present, allows remote authenticated AD users to obtain root privileges via unspecified vectors.

Affected (9)

Products: Emc: Isilon Onefs

Emc

1 product

Isilon Onefs

Configuration A

9 vulnerable

Vulnerable Software	Affected Versions
Emc Isilon Onefs	Up to 7.1.1.0
Emc Isilon Onefs	Version 7.1.1.1
Emc Isilon Onefs	Version 7.1.1.2
Emc Isilon Onefs	Version 7.1.1.3
Emc Isilon Onefs	Version 7.1.1.4
Emc Isilon Onefs	Version 7.2.0.0
Emc Isilon Onefs	Version 7.2.0.1
Emc Isilon Onefs	Version 7.2.0.2
Emc Isilon Onefs	Version 7.2.1.0

Related CWEs

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (2)

http://seclists.org/bugtraq/2015/Nov/121

Source: security_alert@emc.com

http://seclists.org/bugtraq/2015/Nov/121

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.