← volver
CVE-2018-1186

CVE-2018-1186

EPSS 1.9%
Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 is affected by a cross-site scripting vulnerability in the Cluster description of the OneFS web administration interface. A malicious administrator may potentially inject arbitrary HTML or JavaScript code in the user's browser session in the context of the OneFS website.
Productos afectados
Dell EMC · Isilon OneFS
PoCs públicas encontradas2
cve_referencewww.exploit-db.com/exploits/44039/no verificadoexploitdbwww.exploit-db.com/exploits/44039no verificado
⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://seclists.org/fulldisclosure/2018/Mar/50https://www.coresecurity.com/advisories/dell-emc-isilon-onefs-multiple-vulnerabilitieshttps://www.exploit-db.com/exploits/44039/http://www.securityfocus.com/bid/103033