Details of VAR-201812-0039

ID

VAR-201812-0039

CVE

CVE-2018-15776

TITLE

Dell EMC iDRAC7 and iDRAC8 Error handling vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-014039

DESCRIPTION

Dell EMC iDRAC7/iDRAC8 versions prior to 2.61.60.60 contain an improper error handling vulnerability. An unauthenticated attacker with physical access to the system could potentially exploit this vulnerability to get access to the u-boot shell. Dell EMC iDRAC is prone to the following security vulnerabilities: 1. A privilege-escalation vulnerability 2. A local unauthorized-access vulnerability An attacker can exploit this issue to run processes with elevated privileges, gain unauthorized access and execute arbitrary commands with user privileges in context of the affected application. This solution provides functions such as remote management, crash recovery and power control for Dell PowerEdge systems

Trust: 2.07

sources: NVD: CVE-2018-15776 // JVNDB: JVNDB-2018-014039 // BID: 106233 // VULHUB: VHN-126069 // VULMON: CVE-2018-15776

AFFECTED PRODUCTS

vendor:	dell	model:	idrac7	scope:	lt	version:	2.61.60.60	Trust: 1.8
vendor:	dell	model:	idrac8	scope:	lt	version:	2.61.60.60	Trust: 1.8
vendor:	dell	model:	idrac9	scope:	eq	version:	3.20.20.20	Trust: 0.3
vendor:	dell	model:	idrac9	scope:	eq	version:	3.19.19.19	Trust: 0.3
vendor:	dell	model:	idrac9	scope:	eq	version:	3.18.18.18	Trust: 0.3
vendor:	dell	model:	idrac9	scope:	eq	version:	3.17.20.17	Trust: 0.3
vendor:	dell	model:	idrac9	scope:	eq	version:	3.17.18.17	Trust: 0.3
vendor:	dell	model:	idrac9	scope:	eq	version:	3.17.17.17	Trust: 0.3
vendor:	dell	model:	idrac9	scope:	eq	version:	3.16.16.16	Trust: 0.3
vendor:	dell	model:	idrac9	scope:	eq	version:	3.15.19.15	Trust: 0.3
vendor:	dell	model:	idrac9	scope:	eq	version:	3.15.17.15	Trust: 0.3
vendor:	dell	model:	idrac9	scope:	eq	version:	3.15.15.15	Trust: 0.3
vendor:	dell	model:	idrac9	scope:	eq	version:	3.11.11.11	Trust: 0.3
vendor:	dell	model:	idrac9	scope:	eq	version:	3.00.00.00	Trust: 0.3
vendor:	dell	model:	idrac8	scope:	eq	version:	0	Trust: 0.3
vendor:	dell	model:	idrac7	scope:	eq	version:	0	Trust: 0.3
vendor:	dell	model:	idrac6	scope:	eq	version:	0	Trust: 0.3
vendor:	dell	model:	idrac9	scope:	ne	version:	3.23.23.23	Trust: 0.3
vendor:	dell	model:	idrac9	scope:	ne	version:	3.21.26.22	Trust: 0.3
vendor:	dell	model:	idrac9	scope:	ne	version:	3.21.24.22	Trust: 0.3
vendor:	dell	model:	idrac9	scope:	ne	version:	3.20.21.20	Trust: 0.3
vendor:	dell	model:	idrac8	scope:	ne	version:	2.61.60.60	Trust: 0.3
vendor:	dell	model:	idrac7	scope:	ne	version:	2.61.60.60	Trust: 0.3

sources: BID: 106233 // JVNDB: JVNDB-2018-014039 // NVD: CVE-2018-15776

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-15776
value:	MEDIUM
Trust: 1.0
security_alert@emc.com:	CVE-2018-15776
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2018-15776
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201812-673
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-126069
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2018-15776
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2018-15776
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-126069
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-15776
baseSeverity:	MEDIUM
baseScore:	6.8
vectorString:	CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	PHYSICAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.9
impactScore:	5.9
version:	3.0
Trust: 1.8
security_alert@emc.com:	CVE-2018-15776
baseSeverity:	MEDIUM
baseScore:	6.4
vectorString:	CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	PHYSICAL
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.5
impactScore:	5.9
version:	3.0
Trust: 1.0

sources: VULHUB: VHN-126069 // VULMON: CVE-2018-15776 // JVNDB: JVNDB-2018-014039 // CNNVD: CNNVD-201812-673 // NVD: CVE-2018-15776 // NVD: CVE-2018-15776

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	CWE-388	Trust: 0.9

sources: VULHUB: VHN-126069 // JVNDB: JVNDB-2018-014039 // NVD: CVE-2018-15776

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201812-673

TYPE

code problem

Trust: 0.6

sources: CNNVD: CNNVD-201812-673

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-014039

PATCH

title:	Dell EMC iDRAC の複数の脆弱性 (cve-2018-15774 および cve-2018-15776)	url:	https://www.dell.com/support/article/jp/ja/jpdhs1/sln315190/dell-emc-idrac-の複数の脆弱性-cve-2018-15774-および-cve-2018-15776?lang=ja	Trust: 0.8
title:	Dell EMC iDRAC7 and iDRAC8 Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=87908	Trust: 0.6
title:	reverse-engineering-dell-idrac-to-get-rid-of-gpu-throttling	url:	https://github.com/l4rz/reverse-engineering-dell-idrac-to-get-rid-of-gpu-throttling	Trust: 0.1
title:	-	url:	https://github.com/chnzzh/iDRAC-CVE-lib	Trust: 0.1

sources: VULMON: CVE-2018-15776 // JVNDB: JVNDB-2018-014039 // CNNVD: CNNVD-201812-673

EXTERNAL IDS

db:	BID	id:	106233	Trust: 2.9
db:	NVD	id:	CVE-2018-15776	Trust: 2.9
db:	JVNDB	id:	JVNDB-2018-014039	Trust: 0.8
db:	CNNVD	id:	CNNVD-201812-673	Trust: 0.7
db:	CNVD	id:	CNVD-2020-15728	Trust: 0.1
db:	VULHUB	id:	VHN-126069	Trust: 0.1
db:	VULMON	id:	CVE-2018-15776	Trust: 0.1

sources: VULHUB: VHN-126069 // VULMON: CVE-2018-15776 // BID: 106233 // JVNDB: JVNDB-2018-014039 // CNNVD: CNNVD-201812-673 // NVD: CVE-2018-15776

REFERENCES

url:	http://www.securityfocus.com/bid/106233	Trust: 2.7
url:	https://www.dell.com/support/article/us/en/19/sln315190/dell-emc-idrac-multiple-vulnerabilities-cve-2018-15774-and-cve-2018-15776-?lang=en	Trust: 2.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15776	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-15776	Trust: 0.8
url:	https://www.dellemc.com/en-us/index.htm	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://github.com/l4rz/reverse-engineering-dell-idrac-to-get-rid-of-gpu-throttling	Trust: 0.1

sources: VULHUB: VHN-126069 // VULMON: CVE-2018-15776 // BID: 106233 // JVNDB: JVNDB-2018-014039 // CNNVD: CNNVD-201812-673 // NVD: CVE-2018-15776

CREDITS

Jon Sands and Adam Nielsen

Trust: 0.3

sources: BID: 106233

SOURCES

db:	VULHUB	id:	VHN-126069
db:	VULMON	id:	CVE-2018-15776
db:	BID	id:	106233
db:	JVNDB	id:	JVNDB-2018-014039
db:	CNNVD	id:	CNNVD-201812-673
db:	NVD	id:	CVE-2018-15776

LAST UPDATE DATE

2024-11-23T22:51:54.134000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-126069	date:	2020-08-24T00:00:00
db:	VULMON	id:	CVE-2018-15776	date:	2020-08-24T00:00:00
db:	BID	id:	106233	date:	2018-12-13T00:00:00
db:	JVNDB	id:	JVNDB-2018-014039	date:	2019-03-11T00:00:00
db:	CNNVD	id:	CNNVD-201812-673	date:	2020-10-22T00:00:00
db:	NVD	id:	CVE-2018-15776	date:	2024-11-21T03:51:26.940

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-126069	date:	2018-12-13T00:00:00
db:	VULMON	id:	CVE-2018-15776	date:	2018-12-13T00:00:00
db:	BID	id:	106233	date:	2018-12-13T00:00:00
db:	JVNDB	id:	JVNDB-2018-014039	date:	2019-03-11T00:00:00
db:	CNNVD	id:	CNNVD-201812-673	date:	2018-12-14T00:00:00
db:	NVD	id:	CVE-2018-15776	date:	2018-12-13T22:29:00.377