VNX, Dell EMC Unity: Is VNX or Dell EMC Unity vulnerable to CVE-2017-7494? (User Correctable)
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Symptoms
Security scanners are flagging the VNX Control Station as vulnerable to CVE-2017-7494
Cause
Determine whether or not CVE-2017-7494 is applicable to VNX or Unity.
Resolution
This is a false positive. Neither VNX nor Unity are vulnerable to CVE-2017-7494.
VNX: The VNX Control Station is not vulnerable for the following reasons:
Unity: The Unity Control Station is not vulnerable for the following reasons:
VNX: The VNX Control Station is not vulnerable for the following reasons:
- The VNX Control Station does not have the "samba" package loaded
- Even if it did, Red Hat acknowledges that the version of Red Hat Enterprise Linux (RHEL) upon which EMC Control Station Linux is built is not affected by this vulnerability.
- Finally, you must have an active SAMBA server and a read/write SAMBA share in order to be vulnerable, and that is not possible on a VNX Control Station.
Unity: The Unity Control Station is not vulnerable for the following reasons:
- The Unity Control Station does not have the "samba" package loaded.
- You must have an active SAMBA server and a read/write SAMBA share in order to be vulnerable. Unity Control Stations cannot create SAMBA servers or shares.
Additional Information
To test this on a system, simply check for the "samba" package. Run the following command to check for the package:
rpm -qa | grep samba
[nasadmin@CS0 ~]$ rpm -qa | grep samba
[nasadmin@CS0 ~]$
[user@Linux ~]$ rpm -qa | grep samba
samba-3.6.23-36.el6_8.x86_64
samba-common-3.6.23-36.el6_8.x86_64
samba-winbind-clients-3.6.23-36.el6_8.x86_64
samba-client-3.6.23-36.el6_8.x86_64
samba4-libs-4.0.0-55.el6.rc4.x86_64
samba-winbind-3.6.23-36.el6_8.x86_64
[user@Linux ~]$
rpm -qa | grep samba
The command should return nothing.
[nasadmin@CS0 ~]$ rpm -qa | grep samba
[nasadmin@CS0 ~]$
SAMBA installed on a working system would return something similar to the following:
[user@Linux ~]$ rpm -qa | grep samba
samba-3.6.23-36.el6_8.x86_64
samba-common-3.6.23-36.el6_8.x86_64
samba-winbind-clients-3.6.23-36.el6_8.x86_64
samba-client-3.6.23-36.el6_8.x86_64
samba4-libs-4.0.0-55.el6.rc4.x86_64
samba-winbind-3.6.23-36.el6_8.x86_64
[user@Linux ~]$
Affected Products
VNX2 SeriesProducts
eNAS, Dell EMC Unity 400F, Dell EMC Unity 450F, Dell EMC Unity 500, Dell EMC Unity 500F, Dell EMC Unity 550F, Dell EMC Unity 600, Dell EMC Unity 600F, Dell EMC Unity 650F, Dell EMC Unity Family, Dell EMC Unity Hybrid
, Dell EMC UnityVSA Professional Edition/Unity Cloud Edition, VNX VG10, VNX VG2, VNX VG50, VNX VG8, VNX2 Series, VNX5100, VNX5150, VNX5200, VNX5300, VNX5400, VNX5500, VNX5600, VNX5700, VNX5800, VNX7500, VNX7600, VNX8000
...
Article Properties
Article Number: 000054802
Article Type: Solution
Last Modified: 07 Nov 2025
Version: 3
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.