CVE-2017-4985 Vulnerability Details

  /     /     /  

CVE-2017-4985 Metadata Quick Info

CVE Published: 19/06/2017 | CVE Updated: 05/08/2024 | CVE Year: 2017
Source: dell | Vendor: n/a | Product: EMC VNX2 versions prior to OE for File 8.1.9.211, EMC VNX1 versions prior to OE for File 7.1.80.8
Status : PUBLISHED

---

CVE-2017-4985 Description

In EMC VNX2 versions prior to OE for File 8.1.9.211 and VNX1 versions prior to OE for File 7.1.80.8, a local authenticated user may potentially escalate their privileges to root due to authorization checks not being performed on certain perl scripts. This may potentially be exploited by an attacker to run arbitrary commands as root on the targeted VNX Control Station system.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: Local privilege escalation vulnerability
Source: n/a

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).