CVE-2016-9870 Emc CVE debrief

Who should care

Administrators and security teams responsible for EMC Isilon OneFS deployments, especially environments using LDAP-integrated workflows or where privileged local access is present.

Technical summary

NVD classifies the weakness as CWE-90 (LDAP Injection). The CVSS v3.0 vector is AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H, indicating a local attack that requires high privileges and no user interaction, but can have high impact on confidentiality, integrity, and availability. The affected versions listed in the NVD record match the OneFS release ranges called out in the CVE description.

Defensive priority

Medium — the attack requires local access and high privileges, but the potential impact is broad and the affected version set is large.

Recommended defensive actions

• Confirm whether any affected EMC Isilon OneFS versions are deployed, especially the 7.1.0.x, 7.1.1.x, 7.2.0.x, 7.2.1.x, and 8.0.0.0 branches listed in the record.
• Follow the vendor mitigation/advisory references linked in the NVD record and move to a non-affected release or apply vendor-provided remediation where available.
• Review who has privileged local access to affected appliances and reduce unnecessary administrative access where possible.
• Monitor LDAP-related configuration and administrative changes for unexpected or unauthorized modification.
• Validate that your vulnerability management program has recorded this issue as a local, high-privilege exposure rather than a remotely exploitable flaw.

Evidence notes

Evidence in the supplied corpus comes from the official CVE/NVD record and the references embedded in that record. The NVD entry lists the affected OneFS versions, maps the weakness to CWE-90, and assigns CVSS v3.0 AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H. The provided timeline shows public publication on 2017-01-23 and no KEV designation.

Official resources