Hi, Link: https://blogs.securiteam.com/index.php/archives/3252 Twitter: @SecuriTeam_SSD Vulnerability Summary The following advisory describes a Remote Command Injection vulnerability found in EMC IsilonSD Edge version 1.0.1.0005. IsilonSD Edge enables you to deploy industry leading scale-out NAS operating system using industry-standard hardware. Key benefits of IsilonSD Edge: Simple yet powerful and efficient scale-out storage solution for remote and branch offices, Easily extends your enterprise data lake from the core data center to edge locations and Enables consolidation and distribution of unstructured data Credit An independent security researcher, Nahuel D. Sánchez from vvvSecurity, has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program Vendor response We have informed EMC of the vulnerability on the 24th of April 2017, the last email we received from them was on the 30th of May 2017. We have no further updates from EMC regarding the availability of a patch or a workaround for the vulnerability. -- Thanks Maor Shwartz GPG Key ID: 93CC36E2DE7FF514
Attachment:
SSD Advisory – EMC IsilonSD Edge Command Injection – SecuriTeam Blogs.pdf
Description: Adobe PDF document
_______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/