Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, and version 7.1.1.11 is affected by a cross-site scripting vulnerability in the NDMP Page within the OneFS web administration interface. A malicious administrator may potentially inject arbitrary HTML or JavaScript code in the user's browser session in the context of the OneFS website.
References
Link Resource
http://seclists.org/fulldisclosure/2018/Mar/50 Mailing List Third Party Advisory
http://www.securityfocus.com/bid/103033 Third Party Advisory VDB Entry
https://www.coresecurity.com/advisories/dell-emc-isilon-onefs-multiple-vulnerabilities Exploit Third Party Advisory
https://www.exploit-db.com/exploits/44039/ Exploit Third Party Advisory VDB Entry
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: dell

Published: 2018-03-19T00:00:00

Updated: 2018-03-27T15:57:02

Reserved: 2017-12-06T00:00:00


Link: CVE-2018-1202

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2018-03-26T18:29:01.190

Modified: 2018-04-19T14:20:57.657


Link: CVE-2018-1202

JSON object: View

cve-icon Redhat Information

No data.

CWE