CVE-2017-4987
Last modified
CVE-2017-4987 is a vulnerability of currently unknown severity. In EMC VNX2 versions prior to OE for File 8.1.9.211 and VNX1 versions prior to OE for File 7.1.80.8, a local authenticated user can load a maliciously crafted file in the search path which may potentially allow the attacker to execute arbitrary code on the targeted VNX Control Station system, aka an uncontrolled search path vulnerability.. EPSS estimates a 0.45% chance of exploitation in the next 30 days.
Description
In EMC VNX2 versions prior to OE for File 8.1.9.211 and VNX1 versions prior to OE for File 7.1.80.8, a local authenticated user can load a maliciously crafted file in the search path which may potentially allow the attacker to execute arbitrary code on the targeted VNX Control Station system, aka an uncontrolled search path vulnerability.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Emc | Vnx2 Firmware | All versions |
| Emc | Vnx1 Firmware | All versions |
References
- http://www.securityfocus.com/archive/1/540738/30/0/threadedThird Party Advisory, VDB Entry
- http://www.securityfocus.com/bid/99045Third Party Advisory, VDB Entry
- http://www.securityfocus.com/archive/1/540738/30/0/threadedThird Party Advisory, VDB Entry
- http://www.securityfocus.com/bid/99045Third Party Advisory, VDB Entry
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2017-4987?
How severe is CVE-2017-4987?
How do I fix CVE-2017-4987?
Are you affected by CVE-2017-4987?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST