RSS   Vulnerabilities for 'Scaleio'   RSS

2017-11-28
 
CVE-2017-8020

CWE-119
 

 
An issue was discovered in EMC ScaleIO 2.0.1.x. A buffer overflow vulnerability in the SDBG service may potentially allow a remote unauthenticated attacker to execute arbitrary commands with root privileges on an affected server.

 
 
CVE-2017-8019

CWE-20
 

 
An issue was discovered in EMC ScaleIO 2.0.1.x. A vulnerability in message parsers (MDM, SDS, and LIA) could potentially allow an unauthenticated remote attacker to send specifically crafted packets to stop ScaleIO services and cause a denial of service situation.

 
 
CVE-2017-8001

CWE-532
 

 
An issue was discovered in EMC ScaleIO 2.0.1.x. In a Linux environment, one of the support scripts saves the credentials of the ScaleIO MDM user who executed the script in clear text in temporary log files. The temporary files may potentially be read by an unprivileged user with access to the server where the script was executed to recover exposed credentials.

 
2017-01-06
 
CVE-2016-9869

 

 
An issue was discovered in EMC ScaleIO versions before 2.0.1.1. Incorrect permissions on the SCINI driver may allow a low-privileged local attacker to modify the configuration and render the ScaleIO Data Client (SDC) server unavailable.

 
 
CVE-2016-9868

 

 
An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A low-privileged local attacker may cause a denial-of-service by generating a kernel panic in the SCINI driver using IOCTL calls which may render the ScaleIO Data Client (SDC) server unavailable until the next reboot.

 
 
CVE-2016-9867

 

 
An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A low-privileged local attacker may be able to modify the kernel memory in the SCINI driver and may achieve code execution to escalate privileges to root on ScaleIO Data Client (SDC) servers.

 

 >>> Vendor: EMC 177 Products
Networker
Retrospect client
Legato networker
Eroom
Navisphere manager
Retrospect
Rsa security sitekey
Data domain os
Vmware
Vmware server
Replistor
Vmware player
Documentum administrator
Documentum webtop
Diskxtender
Alphastor
Dantz retrospect backup server
Centera universal access
Documentum applicationxtender
Documentum applicationxtender workflow manager
Control center
Networker client
Networker module
Networker powersnap
Networker server
Networker storage node
Autostart
Captiva pixtools distributed imaging
Homebase server
Rsa key manager client
Avamar
Disk library
Celerra network attached storage
Replication manager
Data protection advisor collector
Rsa adaptive authentication on-premise
Data loss prevention enterprise manager
Sourceone email management
Documentum eroom
Data protection advisor
Captiva einput
Ionix acm
Ionix asam
Ionix ip
Rsa key manager appliance
Documentum content server
Documentum xplore
Documentum information rights management
Documentum applicationxtender desktop
Captiva quickscan pro
Celerra network server
VNX
VNXE
Lifeline
Applicationxtender desktop
Applicationxtender web access .net
Cloud tiering appliance virtual edition
Cloud tiering appliance
Rsa authentication agent
Rsa authentication client
Networker module for microsoft applications
Rsa data protection manager software server
Rsa data protection manager appliance
It operations intelligence
Rsa netwitness informer
Avamar plugin
Rsa archer egrc
Rsa archer smartsuite
Smarts network configuration manager
Smarts ip manager
Smarts mpls manager
Smarts network protocol manager
Smarts server manager
Smarts services assurance manager
Smarts voip availability manager
Documentum records manager
Documentum taskspace
Documentum wdk
Celerra control station
Vnx control station
Avamar server
Avamar server virtual edition
Geosynchrony
Vplex geo
Vplex local
Vplex metro
Atmos
Unisphere
Documentum capital projects
Documentum digital asset manager
Documentum web publisher
Document sciences xpression
Rsa netwitness nextgen
Rsa security analytics
Connectrix manager
Watch4net
Documentum foundation services
Rsa bsafe ssl-j
Rsa data loss prevention
Rsa bsafe
See all Products for Vendor EMC


Copyright 2024, cxsecurity.com

 

Back to Top