SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com






Category:   Device (Storage)  >   EMC Celerra Vendors:   EMC
EMC Celerra/VNX/VNXe Access Control Bug Lets Remote Authenticated Users Access Files/Directories
SecurityTracker Alert ID:  1027242
SecurityTracker URL:  http://securitytracker.com/id/1027242
CVE Reference:   CVE-2012-2282   (Links to External Site)
Date:  Jul 11 2012
Impact:   Disclosure of system information, Disclosure of user information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): Network Server 6.0.36.4 - 6.0.60.2
Description:   A vulnerability was reported in EMC Celerra/VNX/VNXe. A remote authenticated user can access files and directories on the target file system.

A remote authenticated user can bypass access controls an gain unauthorized access to distributed files and directories on the target NFS file system.

The following product versions are affected:

EMC Celerra Network Server versions 6.0.36.4 through 6.0.60.2

EMC VNX versions 7.0.12.0 through 7.0.53.1

EMC VNXe 2.0 (including SP1, SP2, and SP3)

EMC VNXe MR1 (including SP1, SP2, SP3, and SP3.1)

EMC VNXe MR2 (including SP0.1)

Impact:   A remote authenticated user can access files and directories on the target system.
Solution:   The vendor has issued a fix:

EMC Celerra Network Server Version 6.0.61.0
EMC VNX Operating Environment for File Version 7.0.53.2
EMC VNXe MR1 SP3.2 (2.1.3.19077)
EMC VNXe MR2 SP0.2 (2.2.0.19078)

Vendor URL:  www.emc.com/ (Links to External Site)
Cause:   Access control error
Underlying OS:  

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

Copyright 2014, SecurityGlobal.net LLC