CVE-2020-5364 MEDIUM

CVE-2020-5364

Vendor Dell
Product Isilon OneFS
Weakness CWE-201
Published May 20, 2020
Last update September 16, 2024

CVSS base score

5.3/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

What the vulnerability does

01Description

Dell EMC Isilon OneFS versions 8.2.2 and earlier contain an SNMPv2 vulnerability. The SNMPv2 services is enabled, by default, with a pre-configured community string. This community string allows read-only access to many aspects of the Isilon cluster, some of which are considered sensitive and can foster additional access.

Key dates

02Disclosure timeline

May 20, 2020 CVE published
September 16, 2024 Record updated

Related vulnerabilities

04Related CVE