CVE-2017-2765 - Vulnerability Details

Vendors	Products
Emc	Isilon Insightiq

Link	Providers
http://www.securityfocus.com/archive/1/540100/30/0/threaded
http://www.securityfocus.com/bid/95945

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "EMC Isilon InsightIQ 4.1.0, 4.0.1, 4.0.0, 3.2.2, 3.2.1, 3.2.0, 3.1.1, 3.1.0, 3.0.1, 3.0.0", "vendor": "n/a", "versions": [{"status": "affected", "version": "EMC Isilon InsightIQ 4.1.0, 4.0.1, 4.0.0, 3.2.2, 3.2.1, 3.2.0, 3.1.1, 3.1.0, 3.0.1, 3.0.0"}]}], "datePublic": "2017-02-08T00:00:00", "descriptions": [{"lang": "en", "value": "EMC Isilon InsightIQ 4.1.0, 4.0.1, 4.0.0, 3.2.2, 3.2.1, 3.2.0, 3.1.1, 3.1.0, 3.0.1, 3.0.0 is affected by an authentication bypass vulnerability that could potentially be exploited by attackers to compromise the affected system."}], "problemTypes": [{"descriptions": [{"description": "Authentication Bypass Vulnerability", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-02-09T10:57:02", "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "shortName": "dell"}, "references": [{"name": "95945", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/95945"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.securityfocus.com/archive/1/540100/30/0/threaded"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security_alert@emc.com", "ID": "CVE-2017-2765", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "EMC Isilon InsightIQ 4.1.0, 4.0.1, 4.0.0, 3.2.2, 3.2.1, 3.2.0, 3.1.1, 3.1.0, 3.0.1, 3.0.0", "version": {"version_data": [{"version_value": "EMC Isilon InsightIQ 4.1.0, 4.0.1, 4.0.0, 3.2.2, 3.2.1, 3.2.0, 3.1.1, 3.1.0, 3.0.1, 3.0.0"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "EMC Isilon InsightIQ 4.1.0, 4.0.1, 4.0.0, 3.2.2, 3.2.1, 3.2.0, 3.1.1, 3.1.0, 3.0.1, 3.0.0 is affected by an authentication bypass vulnerability that could potentially be exploited by attackers to compromise the affected system."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Authentication Bypass Vulnerability"}]}]}, "references": {"reference_data": [{"name": "95945", "refsource": "BID", "url": "http://www.securityfocus.com/bid/95945"}, {"name": "http://www.securityfocus.com/archive/1/540100/30/0/threaded", "refsource": "CONFIRM", "url": "http://www.securityfocus.com/archive/1/540100/30/0/threaded"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T14:02:07.640Z"}, "title": "CVE Program Container", "references": [{"name": "95945", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/95945"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/540100/30/0/threaded"}]}]}, "cveMetadata": {"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "assignerShortName": "dell", "cveId": "CVE-2017-2765", "datePublished": "2017-02-08T17:00:00", "dateReserved": "2016-12-01T00:00:00", "dateUpdated": "2024-08-05T14:02:07.640Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : EMC Isilon InsightIQ 4.1.0, 4.0.1, 4.0.0, 3.2.2, 3.2.1, 3.2.0, 3.1.1, 3.1.0, 3.0.1, 3.0.0 (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : EMC Isilon InsightIQ 4.1.0, 4.0.1, 4.0.0, 3.2.2, 3.2.1, 3.2.0, 3.1.1, 3.1.0, 3.0.1, 3.0.0 (string)

}

]

}

]

datePublic : 2017-02-08T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : EMC Isilon InsightIQ 4.1.0, 4.0.1, 4.0.0, 3.2.2, 3.2.1, 3.2.0, 3.1.1, 3.1.0, 3.0.1, 3.0.0 is affected by an authentication bypass vulnerability that could potentially be exploited by attackers to compromise the affected system. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : Authentication Bypass Vulnerability (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2017-02-09T10:57:02 (string)

orgId : c550e75a-17ff-4988-97f0-544cde3820fe (string)

shortName : dell (string)

}

references : [ »

0 : { »

name : 95945 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

]

url : http://www.securityfocus.com/bid/95945 (string)

}

1 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://www.securityfocus.com/archive/1/540100/30/0/threaded (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : security_alert@emc.com (string)

ID : CVE-2017-2765 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : EMC Isilon InsightIQ 4.1.0, 4.0.1, 4.0.0, 3.2.2, 3.2.1, 3.2.0, 3.1.1, 3.1.0, 3.0.1, 3.0.0 (string)

version : { »

version_data : [ »

0 : { »

version_value : EMC Isilon InsightIQ 4.1.0, 4.0.1, 4.0.0, 3.2.2, 3.2.1, 3.2.0, 3.1.1, 3.1.0, 3.0.1, 3.0.0 (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : EMC Isilon InsightIQ 4.1.0, 4.0.1, 4.0.0, 3.2.2, 3.2.1, 3.2.0, 3.1.1, 3.1.0, 3.0.1, 3.0.0 is affected by an authentication bypass vulnerability that could potentially be exploited by attackers to compromise the affected system. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : Authentication Bypass Vulnerability (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : 95945 (string)

refsource : BID (string)

url : http://www.securityfocus.com/bid/95945 (string)

}

1 : { »

name : http://www.securityfocus.com/archive/1/540100/30/0/threaded (string)

refsource : CONFIRM (string)

url : http://www.securityfocus.com/archive/1/540100/30/0/threaded (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-05T14:02:07.640Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : 95945 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/bid/95945 (string)

}

1 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://www.securityfocus.com/archive/1/540100/30/0/threaded (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : c550e75a-17ff-4988-97f0-544cde3820fe (string)

assignerShortName : dell (string)

cveId : CVE-2017-2765 (string)

datePublished : 2017-02-08T17:00:00 (string)

dateReserved : 2016-12-01T00:00:00 (string)

dateUpdated : 2024-08-05T14:02:07.640Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:emc:isilon_insightiq:3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "D4D35198-BA21-445D-9693-BAF66AE61099", "vulnerable": true}, {"criteria": "cpe:2.3:a:emc:isilon_insightiq:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "341857D8-1DBB-479F-9C56-D17ACFC8117F", "vulnerable": true}, {"criteria": "cpe:2.3:a:emc:isilon_insightiq:3.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "D91524EB-ECF4-433A-A1D9-7574FAA3F58C", "vulnerable": true}, {"criteria": "cpe:2.3:a:emc:isilon_insightiq:3.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "7B9ABABD-2320-4C27-BFD7-1E6E34B453C7", "vulnerable": true}, {"criteria": "cpe:2.3:a:emc:isilon_insightiq:3.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "47BB054C-6573-4516-B74A-5B6BED8A82C9", "vulnerable": true}, {"criteria": "cpe:2.3:a:emc:isilon_insightiq:3.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "87999B65-7C3D-474A-90CD-00585641027E", "vulnerable": true}, {"criteria": "cpe:2.3:a:emc:isilon_insightiq:3.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "0AE8CFAC-5941-4A39-81DD-2AB3FEA90A4C", "vulnerable": true}, {"criteria": "cpe:2.3:a:emc:isilon_insightiq:4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "618AE0B4-5DAD-44DC-9C50-4E68873B0931", "vulnerable": true}, {"criteria": "cpe:2.3:a:emc:isilon_insightiq:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "0B29B844-C048-42EE-8343-A9F23C513F21", "vulnerable": true}, {"criteria": "cpe:2.3:a:emc:isilon_insightiq:4.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "722FF243-ECAE-4193-ACC3-25AF6FB1D571", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "EMC Isilon InsightIQ 4.1.0, 4.0.1, 4.0.0, 3.2.2, 3.2.1, 3.2.0, 3.1.1, 3.1.0, 3.0.1, 3.0.0 is affected by an authentication bypass vulnerability that could potentially be exploited by attackers to compromise the affected system."}, {"lang": "es", "value": "EMC Isilon InsightIQ 4.1.0, 4.0.1, 4.0.0, 3.2.2, 3.2.1, 3.2.0, 3.1.1, 3.1.0, 3.0.1, 3.0.0 est\u00e1 afectado por una vulnerabilidad de elusi\u00f3n de autenticaci\u00f3n que podr\u00eda ser explotada potencialmente por atacantes para comprometer el sistema afectado."}], "id": "CVE-2017-2765", "lastModified": "2025-04-20T01:37:25.860", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-02-08T17:59:00.153", "references": [{"source": "security_alert@emc.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/540100/30/0/threaded"}, {"source": "security_alert@emc.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/95945"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/540100/30/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/95945"}], "sourceIdentifier": "security_alert@emc.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:emc:isilon_insightiq:3.0.0:*:*:*:*:*:*:* (string)

matchCriteriaId : D4D35198-BA21-445D-9693-BAF66AE61099 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:emc:isilon_insightiq:3.0.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 341857D8-1DBB-479F-9C56-D17ACFC8117F (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:emc:isilon_insightiq:3.1.0:*:*:*:*:*:*:* (string)

matchCriteriaId : D91524EB-ECF4-433A-A1D9-7574FAA3F58C (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:emc:isilon_insightiq:3.1.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 7B9ABABD-2320-4C27-BFD7-1E6E34B453C7 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:emc:isilon_insightiq:3.2.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 47BB054C-6573-4516-B74A-5B6BED8A82C9 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:emc:isilon_insightiq:3.2.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 87999B65-7C3D-474A-90CD-00585641027E (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:emc:isilon_insightiq:3.2.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 0AE8CFAC-5941-4A39-81DD-2AB3FEA90A4C (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:emc:isilon_insightiq:4.0.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 618AE0B4-5DAD-44DC-9C50-4E68873B0931 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:emc:isilon_insightiq:4.0.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 0B29B844-C048-42EE-8343-A9F23C513F21 (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:emc:isilon_insightiq:4.1.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 722FF243-ECAE-4193-ACC3-25AF6FB1D571 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : EMC Isilon InsightIQ 4.1.0, 4.0.1, 4.0.0, 3.2.2, 3.2.1, 3.2.0, 3.1.1, 3.1.0, 3.0.1, 3.0.0 is affected by an authentication bypass vulnerability that could potentially be exploited by attackers to compromise the affected system. (string)

}

1 : { »

lang : es (string)

value : EMC Isilon InsightIQ 4.1.0, 4.0.1, 4.0.0, 3.2.2, 3.2.1, 3.2.0, 3.1.1, 3.1.0, 3.0.1, 3.0.0 está afectado por una vulnerabilidad de elusión de autenticación que podría ser explotada potencialmente por atacantes para comprometer el sistema afectado. (string)

}

]

id : CVE-2017-2765 (string)

lastModified : 2025-04-20T01:37:25.860 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : HIGH (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : PARTIAL (string)

baseScore : 7.5 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : PARTIAL (string)

vectorString : AV:N/AC:L/Au:N/C:P/I:P/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 10 (number)

impactScore : 6.4 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV30 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 9.8 (number)

baseSeverity : CRITICAL (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (string)

version : 3.0 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 5.9 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2017-02-08T17:59:00.153 (string)

references : [ »

0 : { »

source : security_alert@emc.com (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securityfocus.com/archive/1/540100/30/0/threaded (string)

}

1 : { »

source : security_alert@emc.com (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securityfocus.com/bid/95945 (string)

}

2 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securityfocus.com/archive/1/540100/30/0/threaded (string)

}

3 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securityfocus.com/bid/95945 (string)

}

]

sourceIdentifier : security_alert@emc.com (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-287 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object