Vulnerability Details CVE-2020-5371
Dell EMC Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale version 9.0.0 contain a file permissions vulnerability. An attacker, with network or local file access, could take advantage of insufficiently applied file permissions or gain unauthorized access to files.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.8%
CVSS Severity
CVSS v3 Score 8.0
CVSS v2 Score 6.5
References
- https://www.dell.com/support/security/en-us/details/544593/DSA-2020-155-Dell-EMC-Isilon-OneFS-and-Dell-EMC-PowerScale-Security-Update-for-a-Permissions-Vuln
- https://www.dell.com/support/security/en-us/details/544593/DSA-2020-155-Dell-EMC-Isilon-OneFS-and-Dell-EMC-PowerScale-Security-Update-for-a-Permissions-Vuln
Products affected by CVE-2020-5371
-
cpe:2.3:a:dell:emc_isilon_onefs:7.1.1.11
-
cpe:2.3:a:dell:emc_isilon_onefs:7.2.1.0
-
cpe:2.3:a:dell:emc_isilon_onefs:7.2.1.1
-
cpe:2.3:a:dell:emc_isilon_onefs:7.2.1.2
-
cpe:2.3:a:dell:emc_isilon_onefs:7.2.1.3
-
cpe:2.3:a:dell:emc_isilon_onefs:7.2.1.4
-
cpe:2.3:a:dell:emc_isilon_onefs:7.2.1.5
-
cpe:2.3:a:dell:emc_isilon_onefs:7.2.1.6
-
cpe:2.3:a:dell:emc_isilon_onefs:8.0.0.0
-
cpe:2.3:a:dell:emc_isilon_onefs:8.0.0.1
-
cpe:2.3:a:dell:emc_isilon_onefs:8.0.0.2
-
cpe:2.3:a:dell:emc_isilon_onefs:8.0.0.3
-
cpe:2.3:a:dell:emc_isilon_onefs:8.0.0.4
-
cpe:2.3:a:dell:emc_isilon_onefs:8.0.0.5
-
cpe:2.3:a:dell:emc_isilon_onefs:8.0.0.6
-
cpe:2.3:a:dell:emc_isilon_onefs:8.0.0.7
-
cpe:2.3:a:dell:emc_isilon_onefs:8.0.1.0
-
cpe:2.3:a:dell:emc_isilon_onefs:8.0.1.1
-
cpe:2.3:a:dell:emc_isilon_onefs:8.0.1.2
-
cpe:2.3:a:dell:emc_isilon_onefs:8.1.0.0
-
cpe:2.3:a:dell:emc_isilon_onefs:8.1.0.1
-
cpe:2.3:a:dell:emc_isilon_onefs:8.1.0.2
-
cpe:2.3:a:dell:emc_isilon_onefs:8.1.0.3
-
cpe:2.3:a:dell:emc_isilon_onefs:8.1.0.4
-
cpe:2.3:a:dell:emc_isilon_onefs:8.1.2
-
cpe:2.3:a:dell:emc_isilon_onefs:8.2.0
-
cpe:2.3:a:dell:emc_isilon_onefs:8.2.2
-
cpe:2.3:o:dell:emc_powerscale_onefs:9.0.0