Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
EMC Isilon OneFS 7.1.x and 7.2.x before 7.2.1.3 and 8.0.x before 8.0.0.1, and IsilonSD Edge OneFS 8.0.x before 8.0.0.1, does not require SMB signing within a DCERPC session over ncacn_np, which allows man-in-the-middle attackers to spoof SMB clients by modifying the client-server data stream, a similar issue to CVE-2016-2115.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
EMC Isilon OneFS和EMC IsilonSD 安全漏洞
Vulnerability Description
EMC Isilon OneFS和EMC IsilonSD Edge都是美国易安信(EMC)公司的产品。前者是一套支持EMC Isilon(横向扩展存储系统)的分布式文件系统,后者是一套用于简化远程办公室或边缘位置的数据管理解决方案。 EMC Isilon OneFS和EMC IsilonSD Edge的SMB协议实现过程中存在安全漏洞,该漏洞源于程序没有要求DCERPC会话中的SMS签名。攻击者可通过嗅探client-server数据流利用该漏洞实施中间人攻击,欺骗SMB客户端。以下产品及版本受到影响:
CVSS Information
N/A
Vulnerability Type
N/A