Published on 04/07/15 - Updated on 08/07/15
The log-gather implementation in the web administration interface in EMC Isilon OneFS 6.5.x.x through 7.1.1.x before 220.127.116.11 and 7.2.0.x before 18.104.22.168 allows remote authenticated users to execute arbitrary commands with root privileges via unspecified vectors.
CWE-77 (Command Injection)
The software constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
No exploits available for this CVE in our database.