Published: 21/09/2016 Updated: 30/07/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

The SMB service in EMC VNXe (VNXe3200 Operating Environment prior to 3.1.5.8711957 and VNXe3100/3150/3300 Operating Environment prior to 2.4.4.22638), VNX1 File OE prior to 7.1.80.3, VNX2 File OE prior to 8.1.9.155, and Celerra (all supported versions) does not prevent duplicate NTLM challenge-response nonces, which makes it easier for remote malicious users to execute arbitrary code, or read or write to files, via a series of authentication requests, a related issue to CVE-2010-0231.

Vulnerable Product	Search on Vulmon	Subscribe to Product
emc vnx1_oe_firmware -
emc vnxe_oe_firmware -
emc vnx2_oe_firmware -

EMC slings patch at remote hack nonce-nse

The Register • Team Register • 11 Jan 2017

Smells like 2010

Remote attackers can hose EMC hybrid flash storage thanks to cryptographic weaknesses. The patched vulnerability (CVE-2016-0917) affects EMC's VNX1, VNX2 and VNXe systems, including the end-of-life Celerra which will not receive a fix. EMC researchers wrote in a security notice that remote attackers could access the SMB service using administrator credentials by messing with authentication protocols such that duplicate cryptographic nonces are produced. "An unauthenticated remote attacker may po...

CVE-2016-0917

Vulnerability Summary

Recent Articles

References

Vulmon Search

About

Products

Connect