{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T10:03:07.724","vulnerabilities":[{"cve":{"id":"CVE-2017-14380","sourceIdentifier":"security_alert@emc.com","published":"2017-12-13T20:29:00.207","lastModified":"2025-04-20T01:37:25.860","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"In EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, 8.0.0.0 - 8.0.0.4, 7.2.1.0 - 7.2.1.5, 7.2.0.x, and 7.1.1.x, a malicious compliance admin (compadmin) account user could exploit a vulnerability in isi_get_itrace or isi_get_profile maintenance scripts to run any shell script as system root on a cluster in compliance mode. This could potentially lead to an elevation of privilege for the compadmin user and violate compliance mode."},{"lang":"es","value":"En EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, 8.0.0.0 - 8.0.0.4, 7.2.1.0 - 7.2.1.5, 7.2.0.x y 7.1.1.x, un usuario con una cuenta de compliance admin (compadmin) puede explotar una vulnerabilidad en los scripts de mantenimiento isi_get_itrace o isi_get_profile para ejecutar cualquier script shell como root del sistema en un clúster en modo compliance. Esto podría conducir a una elevación de privilegios para el usuario compadmin y vulnerar el modo compliance."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-269"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:emc:isilon_onefs:7.1.1.0:*:*:*:*:*:*:*","matchCriteriaId":"DEDB97FE-6470-4AFE-A3B0-B664F132A190"},{"vulnerable":true,"criteria":"cpe:2.3:o:emc:isilon_onefs:7.1.1.1:*:*:*:*:*:*:*","matchCriteriaId":"A669BE6B-726F-4F34-A009-798E32FF6895"},{"vulnerable":true,"criteria":"cpe:2.3:o:emc:isilon_onefs:7.1.1.2:*:*:*:*:*:*:*","matchCriteriaId":"4AE74624-A44D-4837-AD36-DBF3E93D5ED9"},{"vulnerable":true,"criteria":"cpe:2.3:o:emc:isilon_onefs:7.1.1.3:*:*:*:*:*:*:*","matchCriteriaId":"47CBA2E5-6E46-4922-B56B-3F8C578074B1"},{"vulnerable":true,"criteria":"cpe:2.3:o:emc:isilon_onefs:7.1.1.4:*:*:*:*:*:*:*","matchCriteriaId":"90C22C93-9069-406E-9A14-03F20AD34D11"},{"vulnerable":true,"criteria":"cpe:2.3:o:emc:isilon_onefs:7.1.1.5:*:*:*:*:*:*:*","matchCriteriaId":"CDD30754-489E-42BA-8B51-1FEB5DC30912"},{"vulnerable":true,"criteria":"cpe:2.3:o:emc:isilon_onefs:7.2.0.0:*:*:*:*:*:*:*","matchCriteriaId":"0E8AF3E1-FE57-40B9-95DD-4E4C8EB578CB"},{"vulnerable":true,"criteria":"cpe:2.3:o:emc:isilon_onefs:7.2.0.1:*:*:*:*:*:*:*","matchCriteriaId":"7F551F88-3176-4E92-AE7A-FCAB3A220A45"},{"vulnerable":true,"criteria":"cpe:2.3:o:emc:isilon_onefs:7.2.0.2:*:*:*:*:*:*:*","matchCriteriaId":"26144325-6722-48C1-A0C2-BB78EF9BDE60"},{"vulnerable":true,"criteria":"cpe:2.3:o:emc:isilon_onefs:7.2.0.3:*:*:*:*:*:*:*","matchCriteriaId":"B87E8EEE-42AA-48B3-ABBE-9CE7FD2C275B"},{"vulnerable":true,"criteria":"cpe:2.3:o:emc:isilon_onefs:7.2.0.4:*:*:*:*:*:*:*","matchCriteriaId":"6F09B14D-2C84-47F2-8F7F-6F8DAEFFF106"},{"vulnerable":true,"criteria":"cpe:2.3:o:emc:isilon_onefs:7.2.0.5:*:*:*:*:*:*:*","matchCriteriaId":"5F6E200D-49D6-492C-8B38-CBED90CA8118"},{"vulnerable":true,"criteria":"cpe:2.3:o:emc:isilon_onefs:7.2.1.0:*:*:*:*:*:*:*","matchCriteriaId":"10B1B998-AEEE-4123-82F3-72D84EF681DC"},{"vulnerable":true,"criteria":"cpe:2.3:o:emc:isilon_onefs:7.2.1.1:*:*:*:*:*:*:*","matchCriteriaId":"0828B061-28B4-4AEE-BBB9-AF287B90713C"},{"vulnerable":true,"criteria":"cpe:2.3:o:emc:isilon_onefs:7.2.1.2:*:*:*:*:*:*:*","matchCriteriaId":"064C487D-517E-4F7B-A182-5DF287477652"},{"vulnerable":true,"criteria":"cpe:2.3:o:emc:isilon_onefs:7.2.1.3:*:*:*:*:*:*:*","matchCriteriaId":"D1600B1F-C307-457B-BC84-73339A64DF8D"},{"vulnerable":true,"criteria":"cpe:2.3:o:emc:isilon_onefs:7.2.1.4:*:*:*:*:*:*:*","matchCriteriaId":"CE2687A1-97EC-4777-9CC1-164D525C56E5"},{"vulnerable":true,"criteria":"cpe:2.3:o:emc:isilon_onefs:7.2.1.5:*:*:*:*:*:*:*","matchCriteriaId":"08C3C4C1-505B-4171-831B-7FD7EB34B45C"},{"vulnerable":true,"criteria":"cpe:2.3:o:emc:isilon_onefs:8.0.0.0:*:*:*:*:*:*:*","matchCriteriaId":"AB53E775-7A57-41D2-A93D-5F96D72622D1"},{"vulnerable":true,"criteria":"cpe:2.3:o:emc:isilon_onefs:8.0.0.1:*:*:*:*:*:*:*","matchCriteriaId":"A17F44A3-8C09-49EE-8545-51C57F36B801"},{"vulnerable":true,"criteria":"cpe:2.3:o:emc:isilon_onefs:8.0.0.2:*:*:*:*:*:*:*","matchCriteriaId":"DCE2CA2E-BFAD-4D87-BAAA-DA63C88F38D5"},{"vulnerable":true,"criteria":"cpe:2.3:o:emc:isilon_onefs:8.0.0.3:*:*:*:*:*:*:*","matchCriteriaId":"11DF0A4B-702E-4E6B-AD2D-086F76B6DBB2"},{"vulnerable":true,"criteria":"cpe:2.3:o:emc:isilon_onefs:8.0.0.4:*:*:*:*:*:*:*","matchCriteriaId":"80042980-E2BB-49F0-A3DB-BE22ECF820C9"},{"vulnerable":true,"criteria":"cpe:2.3:o:emc:isilon_onefs:8.0.1.0:*:*:*:*:*:*:*","matchCriteriaId":"F2B3BD02-4CA9-4D00-A5B5-F3EBB7DACDEF"},{"vulnerable":true,"criteria":"cpe:2.3:o:emc:isilon_onefs:8.0.1.1:*:*:*:*:*:*:*","matchCriteriaId":"217B6DC1-07E4-4A1E-8867-85C258778E5B"},{"vulnerable":true,"criteria":"cpe:2.3:o:emc:isilon_onefs:8.1.0.0:*:*:*:*:*:*:*","matchCriteriaId":"847B0C10-6DCA-49FE-836C-F547B573A647"}]}]}],"references":[{"url":"http://seclists.org/fulldisclosure/2017/Dec/41","source":"security_alert@emc.com","tags":["Mailing List","Third Party Advisory"]},{"url":"http://www.securityfocus.com/bid/102210","source":"security_alert@emc.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://seclists.org/fulldisclosure/2017/Dec/41","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"http://www.securityfocus.com/bid/102210","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]}]}}]}