CWE
276
Advisory Published
Updated

CVE-2020-5353

First published: Thu Jul 29 2021(Updated: )

The Dell Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 default configuration for Network File System (NFS) allows access to an 'admin' home directory. An attacker may leverage a spoofed Unique Identifier (UID) over NFS to rewrite sensitive files to gain administrative access to the system.

Credit: security_alert@emc.com

Affected SoftwareAffected VersionHow to fix
Dell EMC Isilon OneFS<=8.2.2
Dell EMC PowerScale OneFS=9.0.0

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is CVE-2020-5353?

    CVE-2020-5353 is a vulnerability in Dell Isilon OneFS and Dell EMC PowerScale OneFS that allows unauthorized access to an 'admin' home directory.

  • What version of Dell Isilon OneFS is affected?

    Versions 8.2.2 and earlier of Dell Isilon OneFS are affected.

  • What version of Dell EMC PowerScale OneFS is affected?

    Version 9.0.0 of Dell EMC PowerScale OneFS is affected.

  • How severe is CVE-2020-5353?

    CVE-2020-5353 has a severity rating of 8.8, which is considered critical.

  • How can I fix CVE-2020-5353?

    To fix CVE-2020-5353, you should update Dell Isilon OneFS to a version later than 8.2.2 and Dell EMC PowerScale OneFS to a version later than 9.0.0.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203