Sign-up

ID

VAR-201803-1418


CVE

CVE-2018-1215


TITLE

plural Dell EMC Product unrestricted upload vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-002723

DESCRIPTION

An arbitrary file upload vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management (eManagement): Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.18, Dell EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.21, Dell EMC VASA Virtual Appliance versions prior to 8.4.0.514, and Dell EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4 (Enginuity Release 5977.1125.1125 and earlier). A remote authenticated malicious user may potentially upload arbitrary maliciously crafted files in any location on the web server. By chaining this vulnerability with CVE-2018-1216, the attacker may use the default account to exploit this vulnerability. plural Dell EMC The product contains a vulnerability related to unlimited uploads of dangerous types of files.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. DellEMC UnisphereforVMAXVirtualAppliance and others are products of Dell Corporation of the United States. DellEMCUnisphereforVMAXVirtualAppliance(vApp) is a management tool for VMAX storage arrays. EMCSolutionsEnablerVirtualAppliance is a solution application virtual appliance. Any file upload vulnerability exists in several Dell products. CVSS v3 Base Score: 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) CVE-2018-1216 Hard-coded password vulnerability The vApp Manager contains an undocumented default account (OsmcO) with a hard-coded password that may be used with certain web servlets. A remote attacker with the knowledge of the hard-coded password and the message format may use vulnerable servlets to gain unauthorized access to the system. Note: This account cannot be used to log in via the web user interface. Note: The default account OsmcO has been removed for all fresh installations of versions of the products that contain the fixes. The account cannot be removed from the user database for upgrade situations, however all servlets that use this account have been removed from the application making the account obsolete. Open a Service Request to have the hotfix or ePack installed. Contact Dell EMC Support with any questions. Credits: Dell EMC would like to thank Carlos Perez from Tenable for reporting these vulnerabilities. For an explanation of Severity Ratings, refer to Dell EMC Knowledgebase article 468307. Dell EMC recommends all customers take into account both the base score and any relevant temporal and environmental scores which may impact the potential severity associated with particular security vulnerability. Legal Information: Read and use the information in this Dell EMC Security Advisory to assist in avoiding any situation that might arise from the problems described herein. If you have any questions regarding this product alert, contact Dell EMC Technical Support at 1-877-534-2867. Dell EMC recommends that all users determine the applicability of this information to their individual situations and take appropriate action. The information set forth herein is provided "as is" without warranty of any kind. Dell EMC disclaims all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event, shall Dell EMC or its suppliers, be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Dell EMC or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages, so the foregoing limitation may not apply. Dell EMC Product Security Response Center security_alert@emc.com -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQEcBAEBCgAGBQJagPFFAAoJEHbcu+fsE81ZivMH/0s0r4XFxvW9tL+l8zkGdJIc uRjYTAr5iE4I8PaLw0S/MYVIr2YbpBcaP5QuUbNENWr/aaPHtccE3Gou6Bv72FK0 CU2qMdV9kjWbhHvbIjrnS2RsNjTekWSIDjYJPdkHk03thutYa3Loy7bX42LJe6E7 +slgZjR5zkATMvGis2R/nEj40phxxA+I/dUJIMjbT7emBCSBL5IAlvmuznzChm31 hklk6F/YDI/iOC8GBo0PwNf2F6PBUJbR78B6ppLeHP8AygLdu/AZZX/5eHyDGBiS 8eHATltqjU5I8X7fnjKl8UtoL1ohw72tMROiN9164N2xoJQwasMX6Rs3eNpru2c= =HaYf -----END PGP SIGNATURE-----

Trust: 2.7

sources: NVD: CVE-2018-1215 // JVNDB: JVNDB-2018-002723 // CNVD: CNVD-2018-06093 // BID: 103039 // VULHUB: VHN-122080 // VULMON: CVE-2018-1215 // PACKETSTORM: 146367

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2018-06093

AFFECTED PRODUCTS

vendor:dellmodel:emc vmax embedded managementscope:eqversion:1.4

Trust: 1.5

vendor:dellmodel:emc unisphere for vmax virtual appliancescope:ltversion:8.4.0.18

Trust: 1.0

vendor:dellmodel:emc vmax embedded managementscope:lteversion:1.4

Trust: 1.0

vendor:dellmodel:emc vasa virtual appliancescope:ltversion:8.4.0.514

Trust: 1.0

vendor:dellmodel:emc solutions enabler virtual appliancescope:ltversion:8.4.0.21

Trust: 1.0

vendor:dellmodel:emc vasa virtual appliancescope:eqversion:8.4.0.512

Trust: 0.9

vendor:dellmodel:emc unisphere for vmaxscope:eqversion:8.3

Trust: 0.9

vendor:dellmodel:emc unisphere for vmaxscope:eqversion:8.2

Trust: 0.9

vendor:dellmodel:emc unisphere for vmaxscope:eqversion:8.4.0.15

Trust: 0.9

vendor:dellmodel:emc solutions enablerscope:eqversion:8.1.0.3

Trust: 0.9

vendor:dellmodel:emc solutions enablerscope:eqversion:8.4.0.15

Trust: 0.9

vendor:dellmodel:emc solutions enablerscope:eqversion:8.2

Trust: 0.9

vendor:dellmodel:emc solutions enablerscope:eqversion:8.3

Trust: 0.9

vendor:dell emc old emcmodel:vmax embedded managementscope:lteversion:1.4 (enginuity release 5977.1125.1125 )

Trust: 0.8

vendor:dell emc old emcmodel:solutions enablerscope:ltversion:virtual appliance 8.4.0.21

Trust: 0.8

vendor:dell emc old emcmodel:unispherescope:ltversion:for vmax virtual appliance 8.4.0.18

Trust: 0.8

vendor:dell emc old emcmodel:vasa virtual appliancescope:ltversion:8.4.0.514

Trust: 0.8

sources: CNVD: CNVD-2018-06093 // BID: 103039 // JVNDB: JVNDB-2018-002723 // CNNVD: CNNVD-201803-238 // NVD: CVE-2018-1215

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-1215
value: HIGH

Trust: 1.0

NVD: CVE-2018-1215
value: HIGH

Trust: 0.8

CNVD: CNVD-2018-06093
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201803-238
value: CRITICAL

Trust: 0.6

VULHUB: VHN-122080
value: HIGH

Trust: 0.1

VULMON: CVE-2018-1215
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-1215
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2018-06093
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-122080
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-1215
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2018-06093 // VULHUB: VHN-122080 // VULMON: CVE-2018-1215 // JVNDB: JVNDB-2018-002723 // CNNVD: CNNVD-201803-238 // NVD: CVE-2018-1215

PROBLEMTYPE DATA

problemtype:CWE-434

Trust: 1.9

sources: VULHUB: VHN-122080 // JVNDB: JVNDB-2018-002723 // NVD: CVE-2018-1215

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201803-238

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201803-238

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-002723

EXPLOIT AVAILABILITY
sources:
            
            
            VULHUB: VHN-122080

PATCH
title:Top Pageurl:https://www.dellemc.com/en-us/index.htm
Trust: 0.8
title:Patches for arbitrary file upload vulnerabilities in several Dell productsurl:https://www.cnvd.org.cn/patchInfo/show/123003
Trust: 0.6
title:Multiple Dell Product security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=78974
Trust: 0.6
title:The Registerurl:https://www.theregister.co.uk/2018/02/15/sell_emc_patches_vmax_virtual_appliance_vulnerabilities/
Trust: 0.1
title:Threatposturl:https://threatpost.com/dell-emc-patches-critical-flaws-in-vmax-enterprise-storage-systems/129952/
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2018-06093 // 
            
            
            
            VULMON: CVE-2018-1215 // 
            
            
            
            JVNDB: JVNDB-2018-002723 // 
            
            
            
            CNNVD: CNNVD-201803-238

EXTERNAL IDS
db:NVDid:CVE-2018-1215
Trust: 3.6
db:BIDid:103039
Trust: 2.9
db:TENABLEid:TRA-2018-03
Trust: 1.2
db:SECTRACKid:1040383
Trust: 1.2
db:JVNDBid:JVNDB-2018-002723
Trust: 0.8
db:CNNVDid:CNNVD-201803-238
Trust: 0.7
db:CNVDid:CNVD-2018-06093
Trust: 0.6
db:PACKETSTORMid:146367
Trust: 0.2
db:VULHUBid:VHN-122080
Trust: 0.1
db:VULMONid:CVE-2018-1215
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2018-06093 // 
            
            
            
            VULHUB: VHN-122080 // 
            
            
            
            VULMON: CVE-2018-1215 // 
            
            
            
            BID: 103039 // 
            
            
            
            JVNDB: JVNDB-2018-002723 // 
            
            
            
            PACKETSTORM: 146367 // 
            
            
            
            CNNVD: CNNVD-201803-238 // 
            
            
            
            NVD: CVE-2018-1215

REFERENCES
url:http://seclists.org/fulldisclosure/2018/feb/41
Trust: 3.2
url:http://www.securityfocus.com/bid/103039
Trust: 2.0
url:https://www.tenable.com/security/research/tra-2018-03
Trust: 1.2
url:http://www.securitytracker.com/id/1040383
Trust: 1.2
url:https://nvd.nist.gov/vuln/detail/cve-2018-1215
Trust: 0.9
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-1215
Trust: 0.8
url:http://dell.com
Trust: 0.3
url:http://seclists.org/fulldisclosure/2018/feb/att-38/dsa-2018-024.txt
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/434.html
Trust: 0.1
url:https://tools.cisco.com/security/center/viewalert.x?alertid=56814
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://threatpost.com/dell-emc-patches-critical-flaws-in-vmax-enterprise-storage-systems/129952/
Trust: 0.1
url:https://support.emc.com/downloads/40557_vasa-provider.
Trust: 0.1
url:https://gpgtools.org
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2018-1216
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2018-06093 // 
            
            
            
            VULHUB: VHN-122080 // 
            
            
            
            VULMON: CVE-2018-1215 // 
            
            
            
            BID: 103039 // 
            
            
            
            JVNDB: JVNDB-2018-002723 // 
            
            
            
            PACKETSTORM: 146367 // 
            
            
            
            CNNVD: CNNVD-201803-238 // 
            
            
            
            NVD: CVE-2018-1215

CREDITS
Carlos Perez from Tenable
Trust: 0.3
sources:
            
            
            BID: 103039

SOURCES
db:CNVDid:CNVD-2018-06093
db:VULHUBid:VHN-122080
db:VULMONid:CVE-2018-1215
db:BIDid:103039
db:JVNDBid:JVNDB-2018-002723
db:PACKETSTORMid:146367
db:CNNVDid:CNNVD-201803-238
db:NVDid:CVE-2018-1215

LAST UPDATE DATE
2024-11-23T22:12:38.502000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2018-06093date:2018-03-23T00:00:00
db:VULHUBid:VHN-122080date:2018-03-29T00:00:00
db:VULMONid:CVE-2018-1215date:2018-03-29T00:00:00
db:BIDid:103039date:2018-02-12T00:00:00
db:JVNDBid:JVNDB-2018-002723date:2018-04-26T00:00:00
db:CNNVDid:CNNVD-201803-238date:2018-03-09T00:00:00
db:NVDid:CVE-2018-1215date:2024-11-21T03:59:24.370

SOURCES RELEASE DATE
db:CNVDid:CNVD-2018-06093date:2018-03-23T00:00:00
db:VULHUBid:VHN-122080date:2018-03-08T00:00:00
db:VULMONid:CVE-2018-1215date:2018-03-08T00:00:00
db:BIDid:103039date:2018-02-12T00:00:00
db:JVNDBid:JVNDB-2018-002723date:2018-04-26T00:00:00
db:PACKETSTORMid:146367date:2018-02-13T17:32:32
db:CNNVDid:CNNVD-201803-238date:2018-03-09T00:00:00
db:NVDid:CVE-2018-1215date:2018-03-08T15:29:00.563