CVE-2020-5353
First published: Thu Jul 29 2021(Updated: )
The Dell Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 default configuration for Network File System (NFS) allows access to an 'admin' home directory. An attacker may leverage a spoofed Unique Identifier (UID) over NFS to rewrite sensitive files to gain administrative access to the system.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dell EMC Isilon OneFS | <=8.2.2 | |
| Dell EMC PowerScale OneFS | =9.0.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-5353?
CVE-2020-5353 is a vulnerability in Dell Isilon OneFS and Dell EMC PowerScale OneFS that allows unauthorized access to an 'admin' home directory.
What version of Dell Isilon OneFS is affected?
Versions 8.2.2 and earlier of Dell Isilon OneFS are affected.
What version of Dell EMC PowerScale OneFS is affected?
Version 9.0.0 of Dell EMC PowerScale OneFS is affected.
How severe is CVE-2020-5353?
CVE-2020-5353 has a severity rating of 8.8, which is considered critical.
How can I fix CVE-2020-5353?
To fix CVE-2020-5353, you should update Dell Isilon OneFS to a version later than 8.2.2 and Dell EMC PowerScale OneFS to a version later than 9.0.0.
- collector/nvd-index
- agent/severity
- agent/author
- agent/references
- agent/weakness
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/remedy
- agent/first-publish-date
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/dell
- canonical/dell emc isilon onefs
- version/dell emc isilon onefs/8.2.2
- canonical/dell emc powerscale onefs
- version/dell emc powerscale onefs/9.0.0