← Back

CVE-2017-8024

nvd nist
Published: Oct 18, 2017Modified: May 13, 2026

JSON object

Loading...
6.1
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Exploitability: 2.8 / Impact: 2.7
Source: NVD

Description

EMC Isilon OneFS (versions prior to 8.1.0.1, versions prior to 8.0.1.2, versions prior to 8.0.0.6, version 7.2.1.x) is impacted by a reflected cross-site scripting vulnerability that may potentially be exploited by malicious users to compromise the affected system.

Affected (10)

Products: Emc: Isilon Onefs
Emc
1 product
Isilon Onefs
Configuration A
7 vulnerable
Vulnerable SoftwareAffected Versions
Emc
Isilon Onefs
Version 7.2.1.0
Isilon Onefs
Version 7.2.1.1
Isilon Onefs
Version 7.2.1.2
Isilon Onefs
Version 7.2.1.3
Isilon Onefs
Version 7.2.1.4
Isilon Onefs
Version 7.2.1.5
Isilon Onefs
Version 7.2.1.6
Configuration B
1 vulnerable
Vulnerable SoftwareAffected Versions
Isilon Onefs
Up to 8.1.0.0
Configuration C
1 vulnerable
Vulnerable SoftwareAffected Versions
Isilon Onefs
Up to 8.0.0.5
Configuration D
1 vulnerable
Vulnerable SoftwareAffected Versions
Isilon Onefs
Up to 8.0.1.1

Related CWEs

CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References (2)

Source: security_alert@emc.com
Mailing ListPatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListPatchThird Party Advisory

Timeline

No history available yet.