CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
56.3%
EMC Celerra Network Server 6.x before 6.0.61.0, VNX 7.x before 7.0.53.2, and VNXe 2.0 and 2.1 before 2.1.3.19077 (aka MR1 SP3.2) and 2.2 before 2.2.0.19078 (aka MR2 SP0.2) do not properly implement NFS access control, which allows remote authenticated users to read or modify files via a (1) NFSv2, (2) NFSv3, or (3) NFSv4 request.
Vendor | Product | Version | CPE |
---|---|---|---|
emc | celerra_network_server | 6.0.36.4 | cpe:2.3:a:emc:celerra_network_server:6.0.36.4:*:*:*:*:*:*:* |
emc | celerra_network_server | 6.0.60.2 | cpe:2.3:a:emc:celerra_network_server:6.0.60.2:*:*:*:*:*:*:* |
emc | vnx | 7.0.12.0 | cpe:2.3:a:emc:vnx:7.0.12.0:*:*:*:*:*:*:* |
emc | vnx | 7.0.53.1 | cpe:2.3:a:emc:vnx:7.0.53.1:*:*:*:*:*:*:* |
emc | vnxe | 2.0 | cpe:2.3:a:emc:vnxe:2.0:*:*:*:*:*:*:* |
emc | vnxe | 2.0 | cpe:2.3:a:emc:vnxe:2.0:sp1:*:*:*:*:*:* |
emc | vnxe | 2.0 | cpe:2.3:a:emc:vnxe:2.0:sp2:*:*:*:*:*:* |
emc | vnxe | 2.0 | cpe:2.3:a:emc:vnxe:2.0:sp3:*:*:*:*:*:* |
emc | vnxe | mr1 | cpe:2.3:a:emc:vnxe:mr1:sp1:*:*:*:*:*:* |
emc | vnxe | mr1 | cpe:2.3:a:emc:vnxe:mr1:sp2:*:*:*:*:*:* |