CVE-2020-5365 : What You Need to Know

Learn about CVE-2020-5365 affecting Dell EMC Isilon versions 8.2.2 and earlier due to a predictable default password for the remotesupport account. Find mitigation steps and impact details.

Dell EMC Isilon versions 8.2.2 and earlier contain a remotesupport vulnerability due to a predictable default password for the pre-configured support account.

Understanding CVE-2020-5365

This CVE involves a security vulnerability in Dell EMC Isilon versions 8.2.2 and below, impacting the remotesupport account.

What is CVE-2020-5365?

Dell EMC Isilon OneFS installations with versions 8.2.2 and earlier are susceptible to a remotesupport vulnerability. The issue arises from the predictability of the default password for the remotesupport account.

The Impact of CVE-2020-5365

The vulnerability has a CVSS base score of 5.3, indicating a medium severity level. It can be exploited remotely with low attack complexity, affecting availability with a low impact.

Technical Details of CVE-2020-5365

This section provides more in-depth technical insights into the CVE.

Vulnerability Description

The vulnerability stems from the predictable default password associated with the remotesupport account in Dell EMC Isilon OneFS installations.

Affected Systems and Versions

        Product: Isilon OneFS
        Vendor: Dell
        Versions Affected: Less than 8.2.2

Exploitation Mechanism

The vulnerability can be exploited remotely with no privileges required, with a low impact on availability.

Mitigation and Prevention

To address CVE-2020-5365, immediate steps and long-term security practices are recommended.

Immediate Steps to Take

        Change the default password for the remotesupport account immediately.
        Monitor and restrict access to the remotesupport account.
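
One way to carry out the monitoring step, as an added example that is not part of the original advisory or any Dell tooling: a small log review that flags every remotesupport authentication event and grades it by source address. It assumes the account's logins appear in OpenSSH-style syslog lines and that support sessions should only come from an approved network; the log lines, addresses, allowlist and function names are all constructed for illustration.

```python
import ipaddress
import re

ACCOUNT = "remotesupport"  # account named in the advisory
# Assumption: networks that support sessions are allowed to come from.
ALLOWED_NETS = [ipaddress.ip_network("10.20.0.0/24")]

# Assumption: OpenSSH-style syslog messages; adjust the pattern to your log source.
LINE_RE = re.compile(
    r"sshd\[\d+\]: (?P<result>Accepted|Failed) \S+ for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

# Constructed sample lines (documentation IP ranges), not from a real cluster.
SAMPLE_LOG = """\
Jun  1 02:11:07 node-1 sshd[4121]: Failed password for remotesupport from 203.0.113.45 port 50122 ssh2
Jun  1 02:11:09 node-1 sshd[4121]: Accepted password for remotesupport from 203.0.113.45 port 50122 ssh2
Jun  1 08:30:00 node-1 sshd[5210]: Accepted publickey for admin from 10.20.0.15 port 40110 ssh2
Jun  1 09:02:41 node-2 sshd[5342]: Accepted password for remotesupport from 10.20.0.8 port 41234 ssh2
Jun  1 09:15:12 node-2 sshd[5410]: Failed password for remotesupport from 198.51.100.7 port 33810 ssh2
"""

def is_allowed(ip_text):
    """True if the source address is inside an approved support network."""
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return False  # unparseable source (e.g. a hostname) is treated as untrusted
    return any(ip in net for net in ALLOWED_NETS)

def review_remotesupport(log_text):
    """Return (severity, result, source_ip) for each remotesupport auth event."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m or m.group("user") != ACCOUNT:
            continue
        result, ip = m.group("result"), m.group("ip")
        if is_allowed(ip):
            severity = "info"
        elif result == "Accepted":
            severity = "critical"  # successful login from outside the allowlist
        else:
            severity = "warning"   # failed attempt from outside the allowlist
        findings.append((severity, result, ip))
    return findings

if __name__ == "__main__":
    for finding in review_remotesupport(SAMPLE_LOG):
        print(*finding)
```

A "critical" finding on a system that has not yet had the default password changed is the case to investigate first, since it is a successful login from a source that should not be using the account.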

Long-Term Security Practices

        Implement strong password policies for all accounts.
        Regularly update and patch Dell EMC Isilon OneFS installations.

Patching and Updates

Ensure that Dell EMC Isilon OneFS is updated to version 8.2.2 or higher to mitigate the vulnerability.
