CyberSec.Space Logo
Back to CVE Browser

CVE-2017-8001

HIGH
8.4
CVSS Severity Score
EPSS Score0.0950%
EPSS Percentile13.91th
PublishedNov 28, 2017
Last ModifiedMay 13, 2026

Vulnerability Description

An issue was discovered in EMC ScaleIO 2.0.1.x. In a Linux environment, one of the support scripts saves the credentials of the ScaleIO MDM user who executed the script in clear text in temporary log files. The temporary files may potentially be read by an unprivileged user with access to the server where the script was executed to recover exposed credentials.

Affected Platforms (CPE)

πŸ“¦
Dell

Emc Scaleio

= 2.0.1.0
πŸ“¦
Dell

Emc Scaleio

= 2.0.1.1
πŸ“¦
Dell

Emc Scaleio

= 2.0.1.2
πŸ“¦
Dell

Emc Scaleio

= 2.0.1.3

References & Advisories

πŸ”— http://seclists.org/fulldisclosure/2017/Nov/35
πŸ”— http://www.securityfocus.com/bid/101997
πŸ”— http://seclists.org/fulldisclosure/2017/Nov/35
πŸ”— http://www.securityfocus.com/bid/101997

Related Vulnerabilities

CVE-2017-80209.8

An issue was discovered in EMC ScaleIO 2.0.1.x. A buffer overflow vulnerability in the SDBG service may potentially allow a remote...

CVE-2018-12379.8

Dell EMC ScaleIO versions prior to 2.5, contain improper restriction of excessive authentication attempts on the Light installatio...

CVE-2016-98678.8

An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A low-privileged local attacker may be able to modify the kernel m...

CVE-2018-12057.5

Dell EMC ScaleIO, versions prior to 2.5, do not properly handle some packet data in the MDM service. As a result, a remote attacke...