cvelist/2020/5xxx/CVE-2020-5353.json

{
    "CVE_data_meta": {
        "ASSIGNER": "secure@dell.com",
        "DATE_PUBLIC": "2020-04-09",
        "ID": "CVE-2020-5353",
        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "product": {
                        "product_data": [
                            {
                                "product_name": "Isilon OneFS",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_affected": "<",
                                            "version_value": "All supported"
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name": "Dell"
                }
            ]
        }
    },
    "data_format": "MITRE",
    "data_type": "CVE",
    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "The Dell Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 default configuration for Network File System (NFS) allows access to an 'admin' home directory. An attacker may leverage a spoofed Unique Identifier (UID) over NFS to rewrite sensitive files to gain administrative access to the system."
            }
        ]
    },
    "impact": {
        "cvss": {
            "baseScore": 8.8,
            "baseSeverity": "High",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
        }
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "CWE-276: Incorrect Default Permissions"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "refsource": "MISC",
                "url": "https://support.emc.com/kb/542721",
                "name": "https://support.emc.com/kb/542721"
            }
        ]
    }
}
"-Synchronized-Data." 2020-01-03 14:01:42 +00:00			`{`
			`"CVE_data_meta": {`
"-Synchronized-Data." 2021-07-30 14:11:02 +00:00			`"ASSIGNER": "secure@dell.com",`
			`"DATE_PUBLIC": "2020-04-09",`
			`"ID": "CVE-2020-5353",`
Added 4 CVEs 2021-07-29 11:51:18 -04:00			`"STATE": "PUBLIC"`
"-Synchronized-Data." 2021-07-30 14:11:02 +00:00			`},`
Added 4 CVEs 2021-07-29 11:51:18 -04:00			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"product": {`
			`"product_data": [`
			`{`
"-Synchronized-Data." 2021-07-30 14:11:02 +00:00			`"product_name": "Isilon OneFS",`
Added 4 CVEs 2021-07-29 11:51:18 -04:00			`"version": {`
			`"version_data": [`
			`{`
"-Synchronized-Data." 2021-07-30 14:11:02 +00:00			`"version_affected": "<",`
Added 4 CVEs 2021-07-29 11:51:18 -04:00			`"version_value": "All supported"`
			`}`
			`]`
			`}`
			`}`
			`]`
"-Synchronized-Data." 2021-07-30 14:11:02 +00:00			`},`
Added 4 CVEs 2021-07-29 11:51:18 -04:00			`"vendor_name": "Dell"`
			`}`
			`]`
			`}`
"-Synchronized-Data." 2021-07-30 14:11:02 +00:00			`},`
			`"data_format": "MITRE",`
			`"data_type": "CVE",`
			`"data_version": "4.0",`
"-Synchronized-Data." 2020-01-03 14:01:42 +00:00			`"description": {`
			`"description_data": [`
			`{`
"-Synchronized-Data." 2021-07-30 14:11:02 +00:00			`"lang": "eng",`
Added 4 CVEs 2021-07-29 11:51:18 -04:00			`"value": "The Dell Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 default configuration for Network File System (NFS) allows access to an 'admin' home directory. An attacker may leverage a spoofed Unique Identifier (UID) over NFS to rewrite sensitive files to gain administrative access to the system."`
			`}`
			`]`
"-Synchronized-Data." 2021-07-30 14:11:02 +00:00			`},`
Added 4 CVEs 2021-07-29 11:51:18 -04:00			`"impact": {`
			`"cvss": {`
"-Synchronized-Data." 2021-07-30 14:11:02 +00:00			`"baseScore": 8.8,`
			`"baseSeverity": "High",`
			`"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",`
Added 4 CVEs 2021-07-29 11:51:18 -04:00			`"version": "3.1"`
			`}`
"-Synchronized-Data." 2021-07-30 14:11:02 +00:00			`},`
Added 4 CVEs 2021-07-29 11:51:18 -04:00			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
"-Synchronized-Data." 2021-07-30 14:11:02 +00:00			`"lang": "eng",`
Added 4 CVEs 2021-07-29 11:51:18 -04:00			`"value": "CWE-276: Incorrect Default Permissions"`
			`}`
			`]`
			`}`
			`]`
"-Synchronized-Data." 2021-07-30 14:11:02 +00:00			`},`
Added 4 CVEs 2021-07-29 11:51:18 -04:00			`"references": {`
			`"reference_data": [`
			`{`
"-Synchronized-Data." 2021-07-30 14:11:02 +00:00			`"refsource": "MISC",`
			`"url": "https://support.emc.com/kb/542721",`
			`"name": "https://support.emc.com/kb/542721"`
"-Synchronized-Data." 2020-01-03 14:01:42 +00:00			`}`
			`]`
			`}`
			`}`