[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[FD] DSA-2018-024: Dell EMC VMAX Virtual Appliance (vApp) Manager Multiple Vulnerabilities
- From: EMC Product Security Response Center <Security_Alert AT emc.com>
- Subject: [FD] DSA-2018-024: Dell EMC VMAX Virtual Appliance (vApp) Manager Multiple Vulnerabilities
- Date: Tue, 13 Feb 2018 18:59:07 +0000
- Accept-language: en-US
- Arc-authentication-results: i=1; mx.google.com; dkim=neutral (body hash did not verify) firstname.lastname@example.org header.s=jan2013 header.b=FHODieQh; dkim=neutral (body hash did not verify) email@example.com header.s=jan2013 header.b=WP/papxE; spf=pass (google.com: domain of fulldisclosure-bounces AT seclists.org designates 2600:3c01::f03c:91ff:fe98:ff4e as permitted sender) smtp.mailfrom=fulldisclosure-bounces AT seclists.org
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:cc:list-subscribe :list-help:list-post:list-unsubscribe:list-id:precedence:subject :mime-version:content-language:accept-language:message-id:date :thread-index:thread-topic:to:from:dkim-signature:dkim-signature :delivered-to:arc-authentication-results; bh=0cwnDMmUqhVFOkydfljcKZLrvuN1QsAxjVyjXt7zwFw=; b=jijAzxJh09CeAcHktcZkrFa2z2UdAJBrMDL2IgWx2VdJ65E9iKz/BswRVP04GYsSsn fVJimWhmGWA9okdX+CBUhcSXYKvYuuvFfh5XRde4vrbR86E1dLh/An9C9Q1VfP/nENER 4Pd4qD/N9AtCO0UrYIIdTh4YyVSC+HQ6sYnNoPE8IJDJ0+kn4wH/7KRmyQeaHyz2tXRY k6FqiWaIzUzVRuBw+LIBLRX1K6prA6ETF3XAgAqYVSW2drFkB8NU73vPNWnkYovl7kr8 91DVexAti14BE1Vb6kyjvSjXxfEoLFVp5hvUl8Y5+NdXTYMkwkCn4WoZcQPF4IxvKRVC +Qbw==
- Arc-seal: i=1; a=rsa-sha256; t=1518638260; cv=none; d=google.com; s=arc-20160816; b=JFkMpmDsH/8C0uLxo6h1HnvjKz+3vhedoR0lQeXZZJUEYP+JIvKipi6EbXnhfBJGSd 03gVvehab3u3hS4goUsmzb4Bv0V1DEbVxWi7oGY/AhpVskNzP0NbM/7aDcvH6JJFMEwd HReK4Nu9SSuKMV+yQsY2mJJ1KowUbDHIQ95TQAUT+n3IiwYZplZ77EX9OIsS8XsYn9cN 2xxdlUUEi9Ph74eFNeKFyVtD9zlOgPA7Jk6EKqi+MN8ZPxC7BHhlxST7zwmOJnESo+K4 1E9ACwxQMPzqoV03DENI44MSsuKsP3ytJ0c0nPd+N8PMugi5hzt73wVFXFnx9xwIbVmY DwWw==
- Cc: EMC Product Security Response Center <Security_Alert AT emc.com>
- Sender: "Fulldisclosure" <fulldisclosure-bounces AT seclists.org>
- Thread-index: AdOkAvt/pcRG66AYQR+GIyY4Z1yKfQA+YCKg
- Thread-topic: DSA-2018-024: Dell EMC VMAX Virtual Appliance (vApp) Manager Multiple Vulnerabilities
- To: "'fulldisclosure AT seclists.org'" <fulldisclosure AT seclists.org>
-----BEGIN PGP SIGNED MESSAGE-----
DSA-2018-024: Dell EMC VMAX Virtual Appliance (vApp) Manager Multiple Vulnerabilities
Dell EMC Identifier: DSA-2018-024
CVE Identifier: CVE-2018-1215, CVE-2018-1216
Severity Rating: CVSS Base Score: See below for each CVE.
Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 18.104.22.168
Dell EMC Solutions Enabler Virtual Appliance versions prior to 22.214.171.124
Dell EMC VASA Virtual Appliance versions prior to 126.96.36.1994
Dell EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4 (Enginuity Release
5977.1125.1125 and earlier)
The vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA
Virtual Appliances, and Dell EMC VMAX Embedded Management (eManagement) contains multiple security
vulnerabilities that may potentially be exploited by malicious users to compromise the affected system.
Arbitrary file upload vulnerability
A remote authenticated malicious user may potentially upload arbitrary maliciously crafted files in any location
on the web server. By chaining this vulnerability with CVE-2018-1216, the attacker may use the default account
to exploit this vulnerability.
CVSS v3 Base Score: 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
Hard-coded password vulnerability
The vApp Manager contains an undocumented default account (ÒsmcÓ) with a hard-coded password that may
be used with certain web servlets. A remote attacker with the knowledge of the hard-coded password and the
message format may use vulnerable servlets to gain unauthorized access to the system.
Note: This account cannot be used to log in via the web user interface.
CVSSv3 Base Score: 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
The following VMAX products contain address these vulnerabilities:
ESX Server Installs:
Dell EMC Unisphere for VMAX Virtual Appliance 188.8.131.52 OVA hotfix 1090, service alert 1059
Dell EMC Unisphere for VMAX Virtual Appliance 184.108.40.206 ISO upgrade hotfix 1089, service alert 1058
Dell EMC Solutions Enabler Virtual Appliance 220.127.116.11 OVA hotfix 2058, service alert 1891
Dell EMC Solutions Enabler Virtual Appliance 18.104.22.168 ISO upgrade hotfix 2057, service alert 1890
Dell EMC VASA Virtual Appliance 22.214.171.1246 OVA
Dell EMC VASA Virtual Appliance 126.96.36.1996 ISO upgrade
eMGMT 188.8.131.525 (Service Pack 6848)
Dell EMC recommends all customers upgrade at the earliest opportunity.
Note: The default account ÒsmcÓ has been removed for all fresh installations of versions of the products that contain the
fixes. The account cannot be removed from the user database for upgrade situations, however all servlets that use this
account have been removed from the application making the account obsolete.
Link To Remedies:
Customers can download software for Dell EMC VASA Virtual Appliance 184.108.40.2066 OVA and ISO from Dell EMC Online
Support at https://support.emc.com/downloads/40557_VASA-Provider.
Registered Dell EMC Online Support customers are recommended to contact Dell EMC Customer Support for all other
fixes as they are not available from Dell EMC Online Support download page. Open a Service Request to have the hotfix
or ePack installed. Contact Dell EMC Support with any questions.
Dell EMC would like to thank Carlos Perez from Tenable for reporting these vulnerabilities.
For an explanation of Severity Ratings, refer to Dell EMC Knowledgebase article 468307. Dell EMC recommends all customers
take into account both the base score and any relevant temporal and environmental scores which may impact the
potential severity associated with particular security vulnerability.
Legal Information: Read and use the information in this Dell EMC Security Advisory to assist in avoiding any situation that might arise from the
problems described herein. If you have any questions regarding this product alert, contact Dell EMC Technical
Support at 1-877-534-2867. Dell EMC distributes EMC Security Advisories, in order to bring to the attention of
users of the affected Dell EMC products, important security information. Dell EMC recommends that all users determine the
applicability of this information to their individual situations and take appropriate action. The information set forth herein is
provided "as is" without warranty of any kind. Dell EMC disclaims all warranties, either express or implied,
including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event, shall
Dell EMC or its suppliers, be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of
business profits or special damages, even if Dell EMC or its suppliers have been advised of the possibility of such damages.
Some states do not allow the exclusion or limitation of liability for consequential or incidental damages, so the foregoing
limitation may not apply.
Dell EMC Product Security Response Center
security_alert AT emc.com
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org
-----END PGP SIGNATURE-----
Sent through the Full Disclosure mailing list
Web Archives & RSS: http://seclists.org/fulldisclosure/