CVE-2016-9868 - An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A low-privileged local attacker may

CVE-2016-9868

Summary

An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A low-privileged local attacker may cause a denial-of-service by generating a kernel panic in the SCINI driver using IOCTL calls which may render the ScaleIO Data Client (SDC) server unavailable until the next reboot.

References

http://www.securityfocus.com/archive/1/539983/30/0/threaded
http://www.securityfocus.com/bid/95301

Vulnerable Configurations

cpe:2.3:a:emc:scaleio:*:*:*:*:*:*:*:*
cpe:2.3:a:emc:scaleio:*:*:*:*:*:*:*:*

CVSS

Base:	2.1 (as of 11-01-2017 - 02:59)
Impact:
Exploitability:

CWE

CWE-254

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:L/AC:L/Au:N/C:N/I:N/A:P

refmap via4

bid	95301
confirm	http://www.securityfocus.com/archive/1/539983/30/0/threaded

Last major update

11-01-2017 - 02:59

Published

06-01-2017 - 22:59

Last modified

11-01-2017 - 02:59