Sign-up

ID

VAR-201904-0539


CVE

CVE-2017-8023


TITLE

EMC NetWorker Authentication vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2017-014416

DESCRIPTION

EMC NetWorker may potentially be vulnerable to an unauthenticated remote code execution vulnerability in the Networker Client execution service (nsrexecd) when oldauth authentication method is used. An unauthenticated remote attacker could send arbitrary commands via RPC service to be executed on the host system with the privileges of the nsrexecd service, which runs with administrative privileges. EMC NetWorker Contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Dell EMC NetWorker is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. The following products are affected: Dell EMC NetWorker versions 8.2.x Dell EMC NetWorker versions 9.0.x Dell EMC NetWorker versions prior to 9.1.1.5 Dell EMC NetWorker versions prior to 9.2.1. The software provides backup and recovery, deduplication, backup reporting, and more. Use nsrauth exclusively and do not allow a fallback to oldauth. 2. For customers who must use oldauth, ensure all 'servers' files are properly configured and review the "Restricting remote program executions and client-tasking rights" section in the EMC NetWorker Security Configuration Guide for how to update the servers file. EMC recommends all customers upgrade at the earliest opportunity. Oldauth is an insecure authentication mode and supported for compatibility purposes only. Customers are strongly recommended to use nsrauth exclusively in their environment. Dell EMC recommends all customers take into account both the base score and any relevant temporal and environmental scores which may impact the potential severity associated with particular security vulnerability. Legal Information: Read and use the information in this Dell EMC Security Advisory to assist in avoiding any situation that might arise from the problems described herein. If you have any questions regarding this product alert, contact Dell EMC Software Technical Support at 1-877-534-2867. Dell EMC recommends that all users determine the applicability of this information to their individual situations and take appropriate action. The information set forth herein is provided "as is" without warranty of any kind. Dell EMC disclaims all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event, shall Dell EMC or its suppliers, be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or spe cial damages, even if Dell EMC or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages, so the foregoing limitation may not apply. -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEP5nobPoCj3pTvhAZgSlofD2Yi6cFAlyVNowACgkQgSlofD2Y i6d1Uw//bMPx1u7Eg7q8oa5+Cuoi90nP4WqhOfUHw/2p7ocXJZ9zpwHgQGS2b+XL Et1WPLt/HfUgUz0ej66by46mKwxjvSc00dOouorp+3r0rcqKnQCs8YxYEvF3E6Fa XJyoPsjP6Cn03IAkcRV0busFhCrfrh3njcpwUFy5Sx9XYc+8CzphHFswbggODfgA tjolOTX4SuOLZDZhbnqB4RygNvb1xHGS4rNIhyRLLhQUBHL8+kqj0uWc/q6QsT/9 2NuIg1R+EbC8ojmmCb0p9fRwqOMOdgO9owg/IF4V2p6gIlV+J/hAbr9eGHqdVN7N js1bfJrqsjCNQ0iR7j/ifUs0EiMRdP/OShf5kdFCMafcNKlJoaLd/2elLha+VHDD T+0GT6nL67luUhLo9SlMm+LeqUkXCm20peml6/D9/FFALADe4Si03hnWnaBZL120 JgildayMavnvNv30+JEoX77hud2dsieJkiKPcb/FOhmft1x2vBKBNrH60QGf5qEZ xBWCCVqhKxIKM/K0FtfqoY+cUpotBOvkjikoKqiHSCZGEHGCx5Gfdk6D1IGWh6Fu lRPXCg3tjP1QlwLxLSdcXp7U3IWzgvxV0VBtGMEUkxHSXlp5zsDf1DwgpjqoChAm WHBtRbsMAEpqF21pHXCAT5RO29SNcBDd7w02Fur8II1hS4JeFkc= =lMbT -----END PGP SIGNATURE-----

Trust: 2.16

sources: NVD: CVE-2017-8023 // JVNDB: JVNDB-2017-014416 // BID: 107712 // VULHUB: VHN-116226 // VULMON: CVE-2017-8023 // PACKETSTORM: 152245

AFFECTED PRODUCTS

vendor:dellmodel:emc networkerscope:ltversion:9.1.1.5

Trust: 1.0

vendor:dellmodel:emc networkerscope:gteversion:8.2.0.0

Trust: 1.0

vendor:dellmodel:emc networkerscope:gteversion:9.0.0.0

Trust: 1.0

vendor:dellmodel:emc networkerscope:ltversion:8.2.4.11

Trust: 1.0

vendor:dellmodel:emc networkerscope:gteversion:9.1.0.0

Trust: 1.0

vendor:dellmodel:emc networkerscope:gteversion:9.2.0.0

Trust: 1.0

vendor:dellmodel:emc networkerscope:ltversion:9.2.1.0

Trust: 1.0

vendor:dellmodel:emc networkerscope:lteversion:9.0.1.9

Trust: 1.0

vendor:dell emc old emcmodel:networkerscope: - version: -

Trust: 0.8

vendor:dellmodel:emc networkerscope:eqversion:9.2

Trust: 0.3

vendor:dellmodel:emc networkerscope:eqversion:9.0

Trust: 0.3

vendor:dellmodel:emc networkerscope:eqversion:8.2

Trust: 0.3

vendor:dellmodel:emc networkerscope:eqversion:9.1.1.1

Trust: 0.3

vendor:dellmodel:emc networker sp1scope:eqversion:8.2

Trust: 0.3

vendor:dellmodel:emc networkerscope:neversion:9.2.1

Trust: 0.3

vendor:dellmodel:emc networkerscope:neversion:9.1.1.5

Trust: 0.3

vendor:dellmodel:emc networkerscope:neversion:8.2.4.11

Trust: 0.3

sources: BID: 107712 // JVNDB: JVNDB-2017-014416 // NVD: CVE-2017-8023

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-8023
value: CRITICAL

Trust: 1.0

security_alert@emc.com: CVE-2017-8023
value: CRITICAL

Trust: 1.0

NVD: CVE-2017-8023
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-201903-1052
value: CRITICAL

Trust: 0.6

VULHUB: VHN-116226
value: HIGH

Trust: 0.1

VULMON: CVE-2017-8023
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2017-8023
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-116226
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-8023
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 2.8

sources: VULHUB: VHN-116226 // VULMON: CVE-2017-8023 // JVNDB: JVNDB-2017-014416 // CNNVD: CNNVD-201903-1052 // NVD: CVE-2017-8023 // NVD: CVE-2017-8023

PROBLEMTYPE DATA

problemtype:CWE-287

Trust: 1.9

sources: VULHUB: VHN-116226 // JVNDB: JVNDB-2017-014416 // NVD: CVE-2017-8023

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 152245 // CNNVD: CNNVD-201903-1052

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201903-1052

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-014416

EXPLOIT AVAILABILITY
sources:
            
            
            VULHUB: VHN-116226

PATCH
title:NETWORKERurl:https://japan.emc.com/data-protection/networker.htm
Trust: 0.8
title:Dell EMC NetWorker Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=90471
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2017-014416 // 
            
            
            
            CNNVD: CNNVD-201903-1052

EXTERNAL IDS
db:NVDid:CVE-2017-8023
Trust: 3.0
db:BIDid:107712
Trust: 2.1
db:PACKETSTORMid:152245
Trust: 0.8
db:JVNDBid:JVNDB-2017-014416
Trust: 0.8
db:CNNVDid:CNNVD-201903-1052
Trust: 0.7
db:VULHUBid:VHN-116226
Trust: 0.1
db:VULMONid:CVE-2017-8023
Trust: 0.1
sources:
            
            
            VULHUB: VHN-116226 // 
            
            
            
            VULMON: CVE-2017-8023 // 
            
            
            
            BID: 107712 // 
            
            
            
            JVNDB: JVNDB-2017-014416 // 
            
            
            
            PACKETSTORM: 152245 // 
            
            
            
            CNNVD: CNNVD-201903-1052 // 
            
            
            
            NVD: CVE-2017-8023

REFERENCES
url:https://seclists.org/fulldisclosure/2019/mar/50
Trust: 3.0
url:http://www.securityfocus.com/bid/107712
Trust: 1.8
url:https://nvd.nist.gov/vuln/detail/cve-2017-8023
Trust: 1.5
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-8023
Trust: 0.8
url:https://packetstormsecurity.com/files/152245/emc-networker-remote-code-execution.html
Trust: 0.6
url:http://www.emc.com/
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/287.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://support.emc.com/docu81539_networker-9.1.x-security-configuration-guide.pdf
Trust: 0.1
url:https://support.emc.com/docu57698_networker-8.2--security-configuration-guide.pdf
Trust: 0.1
url:https://support.emc.com/docu86749_networker,-nve,-nvp-and-modules-9.1.1-cumulative-hotfixes.pdf
Trust: 0.1
url:https://support.emc.com/docu85867_networker-9.2-security-configuration-guide.pdf
Trust: 0.1
url:https://support.emc.com/downloads/1095_networker
Trust: 0.1
url:https://support.emc.com/docu61097_networker_9.0.x_security_configuration_guide.pdf
Trust: 0.1
url:https://support.emc.com/docu81710_networker-and-nmm-8.2.4-cumulative-hotfixes.pdf
Trust: 0.1
sources:
            
            
            VULHUB: VHN-116226 // 
            
            
            
            VULMON: CVE-2017-8023 // 
            
            
            
            BID: 107712 // 
            
            
            
            JVNDB: JVNDB-2017-014416 // 
            
            
            
            PACKETSTORM: 152245 // 
            
            
            
            CNNVD: CNNVD-201903-1052 // 
            
            
            
            NVD: CVE-2017-8023

CREDITS
emc.com
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201903-1052

SOURCES
db:VULHUBid:VHN-116226
db:VULMONid:CVE-2017-8023
db:BIDid:107712
db:JVNDBid:JVNDB-2017-014416
db:PACKETSTORMid:152245
db:CNNVDid:CNNVD-201903-1052
db:NVDid:CVE-2017-8023

LAST UPDATE DATE
2024-11-23T22:00:00.231000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-116226date:2019-04-04T00:00:00
db:VULMONid:CVE-2017-8023date:2019-04-04T00:00:00
db:BIDid:107712date:2019-03-22T00:00:00
db:JVNDBid:JVNDB-2017-014416date:2019-05-09T00:00:00
db:CNNVDid:CNNVD-201903-1052date:2019-04-08T00:00:00
db:NVDid:CVE-2017-8023date:2024-11-21T03:33:10.550

SOURCES RELEASE DATE
db:VULHUBid:VHN-116226date:2019-04-01T00:00:00
db:VULMONid:CVE-2017-8023date:2019-04-01T00:00:00
db:BIDid:107712date:2019-03-22T00:00:00
db:JVNDBid:JVNDB-2017-014416date:2019-05-09T00:00:00
db:PACKETSTORMid:152245date:2019-03-27T00:43:22
db:CNNVDid:CNNVD-201903-1052date:2019-03-27T00:00:00
db:NVDid:CVE-2017-8023date:2019-04-01T21:29:24.263