Uncontrolled Search Path Vulnerability in EMC VNX Control Station

Uncontrolled Search Path Vulnerability in EMC VNX Control Station

CVE-2017-4987 · MEDIUM Severity

AV:L/AC:M/AU:N/C:P/I:P/A:P

In EMC VNX2 versions prior to OE for File 8.1.9.211 and VNX1 versions prior to OE for File 7.1.80.8, a local authenticated user can load a maliciously crafted file in the search path which may potentially allow the attacker to execute arbitrary code on the targeted VNX Control Station system, aka an uncontrolled search path vulnerability.

Learn more about our User Device Pen Test.