CVE-2017-4987

Summary

In EMC VNX2 versions prior to OE for File 8.1.9.211 and VNX1 versions prior to OE for File 7.1.80.8, a local authenticated user can load a maliciously crafted file in the search path which may potentially allow the attacker to execute arbitrary code on the targeted VNX Control Station system, aka an uncontrolled search path vulnerability.

Affected Software

VendorProductVersion RangeStatus
n/aEMC VNX2 versions prior to OE for File 8.1.9.211, EMC VNX1 versions prior to OE for File 7.1.80.8EMC VNX2 versions prior to OE for File 8.1.9.211, EMC VNX1 versions prior to OE for File 7.1.80.8affected

Weaknesses

  • Uncontrolled search path vulnerability

ADP Enrichment

CVE Program Container

Additional References

References