Sign-up

ID

VAR-201709-1104


CVE

CVE-2017-8012


TITLE

plural EMC Access control vulnerabilities in products

Trust: 0.8

sources: JVNDB: JVNDB-2017-008471

DESCRIPTION

In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) for SAS Solution Packs, the Java Management Extensions (JMX) protocol used to communicate between components in the Alerting and/or Compliance components can be leveraged to create a denial of service (DoS) condition. Attackers with knowledge of JMX agent user credentials could potentially exploit this vulnerability to create arbitrary files on the affected system and create a DoS condition by leveraging inherent JMX protocol capabilities. This vulnerability allows remote attackers to create a denial of service on vulnerable installations of Dell EMC VNX Monitoring and Reporting. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within an exposed RMI registry, which listens on TCP port 52569 by default. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to create a denial-of-service condition to users of the system. Multiple EMC products are prone to a denial-of-service vulnerability. Remote attackers may exploit this issue to cause denial-of-service conditions, denying service to legitimate users. The following EMC products are vulnerable: EMC ViPR SRM EMC Storage M&R EMC VNX M&R EMC M&R (Watch4Net) for SAS Solution Packs. Details: * Directory Traversal Vulnerability (CVE-2017-8007) Webservice Gateway used in these products is affected by a directory traversal vulnerability. Please see ESA-2017-089 for more details on how to change the credentials. * Customers are strongly advised to review product documentation and use firewall controls to limit access to WebService Gateway and all other internal ports only to those servers that require access to them. o For vApp installations, please review Knowledge Base article 503844 (https://support.emc.com/kb/503844) for guidance on making firewall changes within the vApp. Mitigation information for CVE-2017-8012 for all customers: * Change any default JMX agent credentials. Please see ESA-2017-089 for more details on how to change the credentials. * Review product documentation and use firewall controls to limit access to the JMX ports and all other internal ports only to those servers that require access to them. o For vApp installations, please review Knowledge Base article 503844 (https://support.emc.com/kb/503844) for guidance on making firewall changes within the vApp. * Future releases will contain further measures to remove or harden communication via the JMX protocol. EMC VNX M&R customers must migrate to EMC Storage M&R version 4.1 or later to receive future security fixes. Link to remedies: * For EMC ViPR SRM and EMC Storage M&R, registered EMC Online Support customers can download patches and software from support.emc.com at: https://support.emc.com/downloads/34247_ViPR-SRM. * For EMC M&R (Watch4Net) for SAS Solution Packs, registered EMC Online Support customers can download patches and software from support.emc.com at: https://support.emc.com/downloads/6175_Smarts-Service-Assurance-Manager * For VNX M&R, registered EMC Online Support customers can follow the mitigation steps described above. Credits: EMC would like to thank rgod working with Trend Micro's Zero Day Initiative for reporting these vulnerabilities. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBCAAGBQJZwl9WAAoJEHbcu+fsE81ZLegH+wU8RTmKZt33ThZsOJcGekEJ CuD+v/JawNGDxK6nheFPreMa/IQRTTskGeVmbqypcV6Gh5pfx711OYzMnXBsufqH LNNywQ6q1hsM5LPYkZ1hu9bHcotM5Uvd80Lpsld1xU3TGbU+ruULPK2WY1QHcIyL IvU43HW803SCTS5lNaL+OKX3Coa+UUW1t7psJ0mVdCC3U19Qh+RrZPSnyHBThe5Z Btho0WoKauY+jqO6RxML+BT8D02Dn/+kjnlWyaca0QTXu8k0oEBqLI+vnO+KJCKY HxkxI1uvWsWy+z7x3MdsatFCl9ksMpXsWBoPR4EgZGbebDX38R9+ww/ryWQDPQ8= =jk2j -----END PGP SIGNATURE-----

Trust: 2.7

sources: NVD: CVE-2017-8012 // JVNDB: JVNDB-2017-008471 // ZDI: ZDI-17-826 // BID: 100982 // VULMON: CVE-2017-8012 // PACKETSTORM: 144273

AFFECTED PRODUCTS

vendor:dellmodel:emc m\&rscope:eqversion:*

Trust: 1.0

vendor:dellmodel:emc vnx monitoring and reportingscope:eqversion:*

Trust: 1.0

vendor:dellmodel:emc vipr srmscope:lteversion:4.0.2

Trust: 1.0

vendor:dellmodel:emc storage monitoring and reportingscope:eqversion:*

Trust: 1.0

vendor:dell emc old emcmodel:m&rscope:eqversion:(watch4net) for sas solution packs

Trust: 0.8

vendor:dell emc old emcmodel:storage m&rscope: - version: -

Trust: 0.8

vendor:dell emc old emcmodel:vnx m&rscope: - version: -

Trust: 0.8

vendor:dell emc old emcmodel:vipr srmscope: - version: -

Trust: 0.8

vendor:dell emcmodel:vnx monitoring and reportingscope: - version: -

Trust: 0.7

vendor:emcmodel:storage m\&rscope: - version: -

Trust: 0.6

vendor:emcmodel:vnx m\&rscope: - version: -

Trust: 0.6

vendor:emcmodel:vipr srmscope:eqversion:4.0.2

Trust: 0.6

vendor:emcmodel:m\&rscope: - version: -

Trust: 0.6

vendor:emcmodel:vnx m&rscope:eqversion:0

Trust: 0.3

vendor:emcmodel:vipr srmscope:eqversion:0

Trust: 0.3

vendor:emcmodel:storage m&rscope:eqversion:0

Trust: 0.3

vendor:emcmodel:m&r for sas solution packsscope:eqversion:0

Trust: 0.3

sources: ZDI: ZDI-17-826 // BID: 100982 // JVNDB: JVNDB-2017-008471 // CNNVD: CNNVD-201709-1151 // NVD: CVE-2017-8012

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-8012
value: HIGH

Trust: 1.0

NVD: CVE-2017-8012
value: HIGH

Trust: 0.8

ZDI: CVE-2017-8012
value: MEDIUM

Trust: 0.7

CNNVD: CNNVD-201709-1151
value: HIGH

Trust: 0.6

VULMON: CVE-2017-8012
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2017-8012
severity: MEDIUM
baseScore: 5.8
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

ZDI: CVE-2017-8012
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:L/AU:S/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.7

nvd@nist.gov: CVE-2017-8012
baseSeverity: HIGH
baseScore: 7.4
vectorString: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.2
impactScore: 5.2
version: 3.1

Trust: 1.0

NVD: CVE-2017-8012
baseSeverity: HIGH
baseScore: 7.4
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: ZDI: ZDI-17-826 // VULMON: CVE-2017-8012 // JVNDB: JVNDB-2017-008471 // CNNVD: CNNVD-201709-1151 // NVD: CVE-2017-8012

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:CWE-284

Trust: 0.8

sources: JVNDB: JVNDB-2017-008471 // NVD: CVE-2017-8012

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201709-1151

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201709-1151

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-008471

PATCH
title:Top Pageurl:https://japan.emc.com/about/index.htm
Trust: 0.8
title:Dell EMC has issued an update to correct this vulnerability.url:http://seclists.org/fulldisclosure/2017/Sep/51
Trust: 0.7
title:Multiple EMC Product security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=75106
Trust: 0.6
title:Java-Deserialization-Cheat-Sheeturl:https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet 
Trust: 0.1
title:Java-Deserialization-CVEsurl:https://github.com/PalindromeLabs/Java-Deserialization-CVEs 
Trust: 0.1
sources:
            
            
            ZDI: ZDI-17-826 // 
            
            
            
            VULMON: CVE-2017-8012 // 
            
            
            
            JVNDB: JVNDB-2017-008471 // 
            
            
            
            CNNVD: CNNVD-201709-1151

EXTERNAL IDS
db:NVDid:CVE-2017-8012
Trust: 3.6
db:BIDid:100982
Trust: 2.0
db:SECTRACKid:1039418
Trust: 1.7
db:SECTRACKid:1039417
Trust: 1.7
db:JVNDBid:JVNDB-2017-008471
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-4807
Trust: 0.7
db:ZDIid:ZDI-17-826
Trust: 0.7
db:CNNVDid:CNNVD-201709-1151
Trust: 0.6
db:VULMONid:CVE-2017-8012
Trust: 0.1
db:PACKETSTORMid:144273
Trust: 0.1
sources:
            
            
            ZDI: ZDI-17-826 // 
            
            
            
            VULMON: CVE-2017-8012 // 
            
            
            
            BID: 100982 // 
            
            
            
            JVNDB: JVNDB-2017-008471 // 
            
            
            
            PACKETSTORM: 144273 // 
            
            
            
            CNNVD: CNNVD-201709-1151 // 
            
            
            
            NVD: CVE-2017-8012

REFERENCES
url:http://seclists.org/fulldisclosure/2017/sep/51
Trust: 3.5
url:http://www.securityfocus.com/bid/100982
Trust: 1.8
url:http://www.securitytracker.com/id/1039418
Trust: 1.7
url:http://www.securitytracker.com/id/1039417
Trust: 1.7
url:https://nvd.nist.gov/vuln/detail/cve-2017-8012
Trust: 0.9
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-8012
Trust: 0.8
url:http://www.emc.com/
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://github.com/grrrdog/java-deserialization-cheat-sheet
Trust: 0.1
url:https://support.emc.com/downloads/6175_smarts-service-assurance-manager
Trust: 0.1
url:https://support.emc.com/kb/503844)
Trust: 0.1
url:https://support.emc.com/downloads/34247_vipr-srm.
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2017-8007
Trust: 0.1
sources:
            
            
            ZDI: ZDI-17-826 // 
            
            
            
            VULMON: CVE-2017-8012 // 
            
            
            
            BID: 100982 // 
            
            
            
            JVNDB: JVNDB-2017-008471 // 
            
            
            
            PACKETSTORM: 144273 // 
            
            
            
            CNNVD: CNNVD-201709-1151 // 
            
            
            
            NVD: CVE-2017-8012

CREDITS
rgod
Trust: 1.1
sources:
            
            
            ZDI: ZDI-17-826 // 
            
            
            
            BID: 100982 // 
            
            
            
            PACKETSTORM: 144273

SOURCES
db:ZDIid:ZDI-17-826
db:VULMONid:CVE-2017-8012
db:BIDid:100982
db:JVNDBid:JVNDB-2017-008471
db:PACKETSTORMid:144273
db:CNNVDid:CNNVD-201709-1151
db:NVDid:CVE-2017-8012

LAST UPDATE DATE
2025-04-20T23:12:54.685000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-17-826date:2017-09-26T00:00:00
db:VULMONid:CVE-2017-8012date:2021-09-13T00:00:00
db:BIDid:100982date:2017-09-21T00:00:00
db:JVNDBid:JVNDB-2017-008471date:2017-10-19T00:00:00
db:CNNVDid:CNNVD-201709-1151date:2019-10-23T00:00:00
db:NVDid:CVE-2017-8012date:2025-04-20T01:37:25.860

SOURCES RELEASE DATE
db:ZDIid:ZDI-17-826date:2017-09-26T00:00:00
db:VULMONid:CVE-2017-8012date:2017-09-22T00:00:00
db:BIDid:100982date:2017-09-21T00:00:00
db:JVNDBid:JVNDB-2017-008471date:2017-10-19T00:00:00
db:PACKETSTORMid:144273date:2017-09-20T22:33:33
db:CNNVDid:CNNVD-201709-1151date:2017-09-28T00:00:00
db:NVDid:CVE-2017-8012date:2017-09-22T01:29:25.500