First published: Thu Jul 29 2021
In Dell Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0, the default configuration for Network File System (NFS) allows access to an 'admin' home directory. An attacker may leverage a spoofed Unique Identifier (UID) over NFS to rewrite sensitive files and gain administrative access to the system.
Credit: security_alert@emc.com
Affected Software | Affected Version | How to fix |
---|---|---|
Dell EMC Isilon OneFS | <=8.2.2 | |
Dell EMC PowerScale OneFS | =9.0.0 | |
CVE-2020-5353 is a vulnerability in Dell Isilon OneFS and Dell EMC PowerScale OneFS that allows unauthorized access to an 'admin' home directory.
Versions 8.2.2 and earlier of Dell Isilon OneFS are affected.
Version 9.0.0 of Dell EMC PowerScale OneFS is affected.
CVE-2020-5353 has a severity rating of 8.8, which is considered critical.
To fix CVE-2020-5353, you should update Dell Isilon OneFS to a version later than 8.2.2 and Dell EMC PowerScale OneFS to a version later than 9.0.0.