CVE-2018-1205
- EPSS 2.14%
- Published 27.03.2018 21:29:00
- Last modified 21.11.2024 03:59:23
Dell EMC ScaleIO, versions prior to 2.5, do not properly handle some packet data in the MDM service. As a result, a remote attacker could potentially send specifically crafted packet data to the MDM service causing it to crash.
CVE-2018-1237
- EPSS 0.34%
- Published 27.03.2018 21:29:00
- Last modified 21.11.2024 03:59:26
Dell EMC ScaleIO versions prior to 2.5, contain improper restriction of excessive authentication attempts on the Light installation Agent (LIA). This component is deployed on every server in the ScaleIO cluster and is used for central management of S...
CVE-2018-1238
- EPSS 2.57%
- Published 27.03.2018 21:29:00
- Last modified 21.11.2024 03:59:26
Dell EMC ScaleIO versions prior to 2.5, contain a command injection vulnerability in the Light Installation Agent (LIA). This component is used for central management of ScaleIO deployment and uses shell commands for certain actions. A remote malicio...
CVE-2017-8001
- EPSS 0.08%
- Published 28.11.2017 07:29:00
- Last modified 20.04.2025 01:37:25
An issue was discovered in EMC ScaleIO 2.0.1.x. In a Linux environment, one of the support scripts saves the credentials of the ScaleIO MDM user who executed the script in clear text in temporary log files. The temporary files may potentially be read...