EMC Isilon OneFS 7.1.x and 7.2.x prior to 7.2.1.3 and 8.0.x prior to 8.0.0.1, and IsilonSD Edge OneFS 8.0.x prior to 8.0.0.1, does not require SMB signing within a DCERPC session over ncacn_np, which allows man-in-the-middle malicious users to spoof SMB clients by modifying the client-server data stream, a similar issue to CVE-2016-2115.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
emc isilon onefs 7.1.0.0 |
||
emc isilon onefs 7.1.0.5 |
||
emc isilon onefs 7.1.1.0 |
||
emc isilon onefs 7.1.1.7 |
||
emc isilon onefs 7.1.1.9 |
||
emc isilon onefs 7.1.1.2 |
||
emc isilon onefs 7.1.1.3 |
||
emc isilon onefs 7.1.1.4 |
||
emc isilon onefs 7.1.1.5 |
||
emc isilon onefs 7.1.0.1 |
||
emc isilon onefs 7.1.0.2 |
||
emc isilon onefs 7.1.0.3 |
||
emc isilon onefs 7.1.0.4 |
||
emc isilon onefs 7.2.1.0 |
||
emc isilon onefs 7.2.1.1 |
||
emc isilon onefs 7.2.1.2 |
||
emc isilon onefs 8.0.0.0 |
||
emc isilon onefs 7.1.0.6 |
||
emc isilon onefs 7.1.1.1 |
||
emc isilon onefs 7.1.1.6 |
||
emc isilon onefs 7.1.1.8 |
||
emc isilon onefs 7.2.0.0 |
||
emc isilonsd edge onefs 8.0.0.0 |
Vulmon