Scaleio
CVE-2017-8020
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionCVE.org
An issue was discovered in EMC ScaleIO 2.0.1.x. A buffer overflow vulnerability in the SDBG service may potentially allow a remote unauthenticated attacker to execute arbitrary commands with root privileges on an affected server.
AnalysisAI
An issue was discovered in EMC ScaleIO 2.0.1.x. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. An issue was discovered in EMC ScaleIO 2.0.1.x. A buffer overflow vulnerability in the SDBG service may potentially allow a remote unauthenticated attacker to execute arbitrary commands with root privileges on an affected server. Affected products include: Emc Scaleio.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.
An issue was discovered in EMC ScaleIO versions before 2.0.1.1. Rated high severity (CVSS 8.8), this vulnerability is lo
An issue was discovered in EMC ScaleIO 2.0.1.x. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitab
An issue was discovered in EMC ScaleIO versions before 2.0.1.1. Rated medium severity (CVSS 5.5), this vulnerability is
An issue was discovered in EMC ScaleIO versions before 2.0.1.1. Rated medium severity (CVSS 5.5), this vulnerability is
Same weakness CWE-119 – Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today