Unauthorized Access Vulnerability in Dell EMC Isilon OneFS Versions Prior to 8.2.0

Unauthorized Access Vulnerability in Dell EMC Isilon OneFS Versions Prior to 8.2.0

CVE-2020-5328 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Dell EMC Isilon OneFS versions prior to 8.2.0 contain an unauthorized access vulnerability due to a lack of thorough authorization checks when SyncIQ is licensed, but encrypted syncs are not marked as required. When this happens, loss of control of the cluster can occur.

Learn more about our Web Application Penetration Testing UK.