CVE-2020-5328

Summary

Dell EMC Isilon OneFS versions prior to 8.2.0 contain an unauthorized access vulnerability due to a lack of thorough authorization checks when SyncIQ is licensed, but encrypted syncs are not marked as required. When this happens, loss of control of the cluster can occur.

Affected Software

VendorProductVersion RangeStatus
DellIsilon OneFSunspecified < 8.2.0affected

Weaknesses

  • CWE-306: CWE-306: Missing Authentication for Critical Function

ADP Enrichment

CVE Program Container

Additional References

References