Vulnerabilities for Scaleio (...) - CXSECURITY.COM

Vulnerabilities for 'Scaleio'

2017-11-28

CVE-2017-8020

CWE-119

An issue was discovered in EMC ScaleIO 2.0.1.x. A buffer overflow vulnerability in the SDBG service may potentially allow a remote unauthenticated attacker to execute arbitrary commands with root privileges on an affected server.

CVE-2017-8019

CWE-20

An issue was discovered in EMC ScaleIO 2.0.1.x. A vulnerability in message parsers (MDM, SDS, and LIA) could potentially allow an unauthenticated remote attacker to send specifically crafted packets to stop ScaleIO services and cause a denial of service situation.

CVE-2017-8001

CWE-532

An issue was discovered in EMC ScaleIO 2.0.1.x. In a Linux environment, one of the support scripts saves the credentials of the ScaleIO MDM user who executed the script in clear text in temporary log files. The temporary files may potentially be read by an unprivileged user with access to the server where the script was executed to recover exposed credentials.

2017-01-06

CVE-2016-9869

An issue was discovered in EMC ScaleIO versions before 2.0.1.1. Incorrect permissions on the SCINI driver may allow a low-privileged local attacker to modify the configuration and render the ScaleIO Data Client (SDC) server unavailable.

CVE-2016-9868

An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A low-privileged local attacker may cause a denial-of-service by generating a kernel panic in the SCINI driver using IOCTL calls which may render the ScaleIO Data Client (SDC) server unavailable until the next reboot.

CVE-2016-9867

An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A low-privileged local attacker may be able to modify the kernel memory in the SCINI driver and may achieve code execution to escalate privileges to root on ScaleIO Data Client (SDC) servers.

>>> Vendor: EMC 177 Products

Legato networker

Navisphere manager

Retrospect client

Rsa security sitekey

Documentum administrator

Documentum webtop

Dantz retrospect backup server

Centera universal access

Documentum applicationxtender

Documentum applicationxtender workflow manager

Networker client

Networker module

Networker powersnap

Networker server

Networker storage node

Captiva pixtools distributed imaging

Homebase server

Rsa key manager client

Celerra network attached storage

Replication manager

Data protection advisor collector

Rsa adaptive authentication on-premise

Data loss prevention enterprise manager

Sourceone email management

Documentum eroom

Data protection advisor

Rsa key manager appliance

Documentum content server

Documentum xplore

Documentum information rights management

Documentum applicationxtender desktop

Captiva quickscan pro

Celerra network server

Applicationxtender desktop

Applicationxtender web access .net

Cloud tiering appliance virtual edition

Cloud tiering appliance

Rsa authentication agent

Rsa authentication client

Networker module for microsoft applications

Rsa data protection manager software server

Rsa data protection manager appliance

It operations intelligence

Rsa netwitness informer

Rsa archer egrc

Rsa archer smartsuite

Smarts network configuration manager

Smarts ip manager

Smarts mpls manager

Smarts network protocol manager

Smarts server manager

Smarts services assurance manager

Smarts voip availability manager

Documentum records manager

Documentum taskspace

Celerra control station

Vnx control station

Avamar server virtual edition

Documentum capital projects

Documentum digital asset manager

Documentum web publisher

Document sciences xpression

Rsa netwitness nextgen

Rsa security analytics

Connectrix manager

Documentum foundation services

Rsa bsafe ssl-j

Rsa data loss prevention

Vplex geosynchrony

See all Products for Vendor EMC

Copyright 2024, cxsecurity.com