Details of VAR-201702-0309

ID

VAR-201702-0309

CVE

CVE-2016-8211

TITLE

EMC Data Protection Advisor Path traversal vulnerability

Trust: 1.4

sources: JVNDB: JVNDB-2016-007968 // CNNVD: CNNVD-201702-031

DESCRIPTION

EMC Data Protection Advisor 6.1.x, EMC Data Protection Advisor 6.2, EMC Data Protection Advisor 6.2.1, EMC Data Protection Advisor 6.2.2, EMC Data Protection Advisor 6.2.3 prior to patch 446 has a path traversal vulnerability that may potentially be exploited by malicious users to compromise the affected system. Authentication is not required to exploit this vulnerability.The specific flaw exists within the ImageServlet servlet which listens on TCP ports 9002 and 9004. The issue lies in the failure to properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose files under the context of SYSTEM. The solution enables the automation and centralization of all such data collection and analysis, obtaining a single comprehensive view of the data protection environment and activities, and more. Link to remedies: Registered EMC Online Support customers can download the required patch from support.emc.com at https://support.emc.com/downloads/829_Data-Protection-Advisor If you have any questions, contact DELL/EMC Support. Credits: EMC would like to thank rgod working with Trend Micro's Zero Day Initiative for reporting this vulnerability. Read and use the information in this EMC Security Advisory to assist in avoiding any situation that might arise from the problems described herein. If you have any questions regarding this product alert, contact EMC Software Technical Support at 1-877-534-2867. For an explanation of Severity Ratings, refer to EMC Knowledgebase solution emc218831. EMC recommends all customers take into account both the base score and any relevant temporal and environmental scores which may impact the potential severity associated with particular security vulnerability. EMC recommends that all users determine the applicability of this information to their individual situations and take appropriate action. The information set forth herein is provided "as is" without warranty of any kind. EMC disclaims all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event, shall EMC or its suppliers, be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if EMC or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages, so the foregoing limitation may not apply. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBCAAGBQJYiiHdAAoJEHbcu+fsE81ZK0MH/3ClnyYIsR4ztTld+TCIzWO1 ber0FmYs7iRUyiU6XPVxoOYvEQTTmZRwFzdKwXNQMwxwUc2TQoJy2Bqkf8OrMbB/ yA4sJkyCFD6pkX14Rp6RvOFYK+4MtkbLQkmyIyi4bpM19U33XIfojBH28zmFvQlG Tzj8wUkXP+/BLLz4c80Ffs9G4JbueBgCc24CVjVN8Ygh2ykAQLAyahfsw5nC3LZO qQdOo3yV6qn4OSHBqg6nLkFJXhvuUxl+OFm1C/Rl1xdIJ21tG54nKyxswQFr9M7+ MuvHCmooXSUNOtiznS/9cBRg5hKcB5Ug/OdWe3SzrP0D0sWekcsrGClUpES1EgI= =CMLs -----END PGP SIGNATURE-----

Trust: 2.7

sources: NVD: CVE-2016-8211 // JVNDB: JVNDB-2016-007968 // ZDI: ZDI-17-394 // BID: 95833 // VULHUB: VHN-97031 // PACKETSTORM: 140788

AFFECTED PRODUCTS

vendor:	dell	model:	emc data protection advisor	scope:	eq	version:	6.1	Trust: 1.0
vendor:	dell	model:	emc data protection advisor	scope:	eq	version:	6.2	Trust: 1.0
vendor:	dell	model:	emc data protection advisor	scope:	eq	version:	6.2.3	Trust: 1.0
vendor:	dell	model:	emc data protection advisor	scope:	eq	version:	6.2.1	Trust: 1.0
vendor:	dell	model:	emc data protection advisor	scope:	eq	version:	6.2.2	Trust: 1.0
vendor:	emc	model:	data protection advisor	scope:	eq	version:	6.2.3	Trust: 0.9
vendor:	emc	model:	data protection advisor	scope:	eq	version:	6.2.2	Trust: 0.9
vendor:	emc	model:	data protection advisor	scope:	eq	version:	6.2.1	Trust: 0.9
vendor:	emc	model:	data protection advisor	scope:	eq	version:	6.1	Trust: 0.9
vendor:	emc	model:	data protection advisor	scope:	eq	version:	6.2	Trust: 0.9
vendor:	dell emc old emc	model:	data protection advisor	scope:	eq	version:	6.2.1	Trust: 0.8
vendor:	dell emc old emc	model:	data protection advisor	scope:	eq	version:	6.1.x	Trust: 0.8
vendor:	dell emc old emc	model:	data protection advisor	scope:	eq	version:	6.2	Trust: 0.8
vendor:	dell emc old emc	model:	data protection advisor	scope:	eq	version:	6.2.2	Trust: 0.8
vendor:	dell emc old emc	model:	data protection advisor	scope:	lt	version:	6.2.3	Trust: 0.8
vendor:	dell emc old emc	model:	data protection advisor	scope:	eq	version:	6.2.3 patch 446	Trust: 0.8
vendor:	emc	model:	data protection advisor	scope:	-	version:	-	Trust: 0.7
vendor:	emc	model:	data protection advisor patch	scope:	ne	version:	6.2.3446	Trust: 0.3

sources: ZDI: ZDI-17-394 // BID: 95833 // JVNDB: JVNDB-2016-007968 // CNNVD: CNNVD-201702-031 // NVD: CVE-2016-8211

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-8211
value:	HIGH
Trust: 1.0
NVD:	CVE-2016-8211
value:	HIGH
Trust: 0.8
ZDI:	CVE-2016-8211
value:	MEDIUM
Trust: 0.7
CNNVD:	CNNVD-201702-031
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-97031
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2016-8211
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 2.5
VULHUB:	VHN-97031
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-8211
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2016-8211
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: ZDI: ZDI-17-394 // VULHUB: VHN-97031 // JVNDB: JVNDB-2016-007968 // CNNVD: CNNVD-201702-031 // NVD: CVE-2016-8211

PROBLEMTYPE DATA

problemtype:

CWE-22

Trust: 1.9

sources: VULHUB: VHN-97031 // JVNDB: JVNDB-2016-007968 // NVD: CVE-2016-8211

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201702-031

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-201702-031

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-007968

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-97031

PATCH

title:	EMC Data Protection Advisor	url:	https://japan.emc.com/data-protection/data-protection-advisor.htm	Trust: 0.8
title:	EMC has issued an update to correct this vulnerability.	url:	http://seclists.org/bugtraq/2017/Jan/att-87/ESA-2016-133.txt	Trust: 0.7
title:	EMC Data Protection Advisor Repair measures for path traversal vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=67419	Trust: 0.6

sources: ZDI: ZDI-17-394 // JVNDB: JVNDB-2016-007968 // CNNVD: CNNVD-201702-031

EXTERNAL IDS

db:	NVD	id:	CVE-2016-8211	Trust: 3.6
db:	BID	id:	95833	Trust: 1.4
db:	SECTRACK	id:	1037729	Trust: 1.1
db:	JVNDB	id:	JVNDB-2016-007968	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-3844	Trust: 0.7
db:	ZDI	id:	ZDI-17-394	Trust: 0.7
db:	CNNVD	id:	CNNVD-201702-031	Trust: 0.7
db:	PACKETSTORM	id:	140788	Trust: 0.2
db:	VULHUB	id:	VHN-97031	Trust: 0.1

sources: ZDI: ZDI-17-394 // VULHUB: VHN-97031 // BID: 95833 // JVNDB: JVNDB-2016-007968 // PACKETSTORM: 140788 // CNNVD: CNNVD-201702-031 // NVD: CVE-2016-8211

REFERENCES

url:	http://www.securityfocus.com/archive/1/540067/30/0/threaded	Trust: 2.5
url:	http://www.securityfocus.com/bid/95833	Trust: 1.1
url:	http://www.securitytracker.com/id/1037729	Trust: 1.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-8211	Trust: 0.9
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8211	Trust: 0.8
url:	http://seclists.org/bugtraq/2017/jan/att-87/esa-2016-133.txt	Trust: 0.7
url:	http://www.emc.com/	Trust: 0.3
url:	https://support.emc.com/downloads/829_data-protection-advisor	Trust: 0.1

sources: ZDI: ZDI-17-394 // VULHUB: VHN-97031 // BID: 95833 // JVNDB: JVNDB-2016-007968 // PACKETSTORM: 140788 // CNNVD: CNNVD-201702-031 // NVD: CVE-2016-8211

CREDITS

rgod

Trust: 0.7

sources: ZDI: ZDI-17-394

SOURCES

db:	ZDI	id:	ZDI-17-394
db:	VULHUB	id:	VHN-97031
db:	BID	id:	95833
db:	JVNDB	id:	JVNDB-2016-007968
db:	PACKETSTORM	id:	140788
db:	CNNVD	id:	CNNVD-201702-031
db:	NVD	id:	CVE-2016-8211

LAST UPDATE DATE

2025-04-20T23:32:16.527000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-17-394	date:	2017-06-12T00:00:00
db:	VULHUB	id:	VHN-97031	date:	2020-01-23T00:00:00
db:	BID	id:	95833	date:	2017-02-02T01:03:00
db:	JVNDB	id:	JVNDB-2016-007968	date:	2017-04-03T00:00:00
db:	CNNVD	id:	CNNVD-201702-031	date:	2017-07-14T00:00:00
db:	NVD	id:	CVE-2016-8211	date:	2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-17-394	date:	2017-06-12T00:00:00
db:	VULHUB	id:	VHN-97031	date:	2017-02-03T00:00:00
db:	BID	id:	95833	date:	2017-01-25T00:00:00
db:	JVNDB	id:	JVNDB-2016-007968	date:	2017-04-03T00:00:00
db:	PACKETSTORM	id:	140788	date:	2017-01-28T10:21:11
db:	CNNVD	id:	CNNVD-201702-031	date:	2017-02-06T00:00:00
db:	NVD	id:	CVE-2016-8211	date:	2017-02-03T07:59:00.327