Sign-up

ID

VAR-201708-0394


CVE

CVE-2017-10949


TITLE

Dell Storage Manager Path traversal vulnerability

Trust: 1.4

sources: JVNDB: JVNDB-2017-006915 // CNNVD: CNNVD-201707-140

DESCRIPTION

Directory Traversal in Dell Storage Manager 2016 R2.1 causes Information Disclosure when the doGet method of the EmWebsiteServlet class doesn't properly validate user provided path before using it in file operations. Was ZDI-CAN-4459. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Dell Storage Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the doGet method of the EmWebsiteServlet class, which listens on TCP port 3033 by default. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose sensitive information under the context of SYSTEM. Storage Manager is prone to a directory-traversal vulnerability. This may aid in further attacks

Trust: 2.61

sources: NVD: CVE-2017-10949 // JVNDB: JVNDB-2017-006915 // ZDI: ZDI-17-523 // BID: 100138 // VULHUB: VHN-101322

AFFECTED PRODUCTS

vendor:dellmodel:storage manager 2016scope:eqversion:r2.1

Trust: 1.6

vendor:dellmodel:storage managerscope:eqversion:2016 r2.1

Trust: 0.8

vendor:dell emcmodel:storage managerscope: - version: -

Trust: 0.7

vendor:dellmodel:storage manager r2.1scope:eqversion:2016

Trust: 0.3

sources: ZDI: ZDI-17-523 // BID: 100138 // JVNDB: JVNDB-2017-006915 // CNNVD: CNNVD-201707-140 // NVD: CVE-2017-10949

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-10949
value: HIGH

Trust: 1.0

NVD: CVE-2017-10949
value: HIGH

Trust: 0.8

ZDI: CVE-2017-10949
value: HIGH

Trust: 0.7

CNNVD: CNNVD-201707-140
value: MEDIUM

Trust: 0.6

VULHUB: VHN-101322
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2017-10949
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

ZDI: CVE-2017-10949
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:C/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.7

VULHUB: VHN-101322
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-10949
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: ZDI: ZDI-17-523 // VULHUB: VHN-101322 // JVNDB: JVNDB-2017-006915 // CNNVD: CNNVD-201707-140 // NVD: CVE-2017-10949

PROBLEMTYPE DATA

problemtype:CWE-22

Trust: 1.9

sources: VULHUB: VHN-101322 // JVNDB: JVNDB-2017-006915 // NVD: CVE-2017-10949

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201707-140

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-201707-140

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-006915

PATCH
title:Dell Storage Manager 2016 R3 Release Notesurl:http://topics-cdn.dell.com/pdf/dell-compellent-sc8000_release%20notes24_en-us.pdf
Trust: 1.5
sources:
            
            
            ZDI: ZDI-17-523 // 
            
            
            
            JVNDB: JVNDB-2017-006915

EXTERNAL IDS
db:NVDid:CVE-2017-10949
Trust: 3.5
db:ZDIid:ZDI-17-523
Trust: 3.5
db:BIDid:100138
Trust: 2.0
db:JVNDBid:JVNDB-2017-006915
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-4459
Trust: 0.7
db:CNNVDid:CNNVD-201707-140
Trust: 0.7
db:NSFOCUSid:37306
Trust: 0.6
db:VULHUBid:VHN-101322
Trust: 0.1
sources:
            
            
            ZDI: ZDI-17-523 // 
            
            
            
            VULHUB: VHN-101322 // 
            
            
            
            BID: 100138 // 
            
            
            
            JVNDB: JVNDB-2017-006915 // 
            
            
            
            CNNVD: CNNVD-201707-140 // 
            
            
            
            NVD: CVE-2017-10949

REFERENCES
url:http://topics-cdn.dell.com/pdf/dell-compellent-sc8000_release%20notes24_en-us.pdf
Trust: 2.7
url:http://www.securityfocus.com/bid/100138
Trust: 1.7
url:http://www.zerodayinitiative.com/advisories/zdi-17-523
Trust: 1.7
url:http://www.zerodayinitiative.com/advisories/zdi-17-523/
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-10949
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2017-10949
Trust: 0.8
url:http://www.nsfocus.net/vulndb/37306
Trust: 0.6
url:http://dell.com
Trust: 0.3
sources:
            
            
            ZDI: ZDI-17-523 // 
            
            
            
            VULHUB: VHN-101322 // 
            
            
            
            BID: 100138 // 
            
            
            
            JVNDB: JVNDB-2017-006915 // 
            
            
            
            CNNVD: CNNVD-201707-140 // 
            
            
            
            NVD: CVE-2017-10949

CREDITS
rgod
Trust: 1.0
sources:
            
            
            ZDI: ZDI-17-523 // 
            
            
            
            BID: 100138

SOURCES
db:ZDIid:ZDI-17-523
db:VULHUBid:VHN-101322
db:BIDid:100138
db:JVNDBid:JVNDB-2017-006915
db:CNNVDid:CNNVD-201707-140
db:NVDid:CVE-2017-10949

LAST UPDATE DATE
2025-04-20T23:13:02.182000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-17-523date:2017-08-02T00:00:00
db:VULHUBid:VHN-101322date:2017-08-15T00:00:00
db:BIDid:100138date:2017-08-02T00:00:00
db:JVNDBid:JVNDB-2017-006915date:2017-09-06T00:00:00
db:CNNVDid:CNNVD-201707-140date:2017-08-07T00:00:00
db:NVDid:CVE-2017-10949date:2025-04-20T01:37:25.860

SOURCES RELEASE DATE
db:ZDIid:ZDI-17-523date:2017-08-02T00:00:00
db:VULHUBid:VHN-101322date:2017-08-04T00:00:00
db:BIDid:100138date:2017-08-02T00:00:00
db:JVNDBid:JVNDB-2017-006915date:2017-09-06T00:00:00
db:CNNVDid:CNNVD-201707-140date:2017-07-06T00:00:00
db:NVDid:CVE-2017-10949date:2017-08-04T15:29:00.230