CVE-2015-4525
Published Jul 4, 2015
Last updated 9 years ago
Overview
- Description
- The log-gather implementation in the web administration interface in EMC Isilon OneFS 6.5.x.x through 7.1.1.x before 7.1.1.5 and 7.2.0.x before 7.2.0.2 allows remote authenticated users to execute arbitrary commands with root privileges via unspecified vectors.
- Source
- security_alert@emc.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9
- Impact score
- 10
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-77
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6DBE16CA-46F6-4E5C-B361-67074B1771F1",
"versionEndIncluding": "7.1.1.0"
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A669BE6B-726F-4F34-A009-798E32FF6895"
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4AE74624-A44D-4837-AD36-DBF3E93D5ED9"
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "47CBA2E5-6E46-4922-B56B-3F8C578074B1"
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.1.1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "90C22C93-9069-406E-9A14-03F20AD34D11"
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0E8AF3E1-FE57-40B9-95DD-4E4C8EB578CB"
},
{
"criteria": "cpe:2.3:o:emc:isilon_onefs:7.2.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7F551F88-3176-4E92-AE7A-FCAB3A220A45"
}
],
"operator": "OR"
}
]
}
]