CVE-2020-5353

The Dell Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 default configuration for Network File System (NFS) allows access to an 'admin' home directory. An attacker may leverage a spoofed Unique Identifier (UID) over NFS to rewrite sensitive files to gain administrative access to the system.

Published: Jul 29, 2021
Updated: Apr 14, 2023
CVE: CVE-2020-5353
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.8
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 9
AV:N/AC:L/Au:S/C:C/I:C/A:C

CWEs:

CWE-276

Affected Software
References

Software	From	Fixed in
dell / emc_isilon_onefs	-	8.2.2.x
dell / emc_powerscale_onefs	9.0.0	9.0.0.x

https://support.emc.com/kb/542721

Vulnerability Database

289,697

CVE-2020-5353