SB2017070611 - Information disclosure in EMC Data Protection Advisor
Published: July 10, 2017
Description
This security bulletin contains information about 2 vulnerabilities.
1) SQL injection (CVE-ID: CVE-2017-8002)
CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote authenticated attacker to execute SQL commands on the target system.
The weakness exists due to improper input validation within the EMC DPA Application service, which listens on TCP port 9002 by default. A remote attacker can supply a specially crafted parameter value to execute SQL commands on the underlying database and obtain information about the application.
Successful exploitation of the vulnerability results in information disclosure.
2) Path traversal (CVE-ID: CVE-2017-8003)
CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote authenticated attacker with high privileges to obtain potentially sensitive information.
The weakness exists due to improper input validation. A remote attacker can supply specially crafted strings in input parameters, trigger path traversal and read important information on the underlying operating system.
Successful exploitation of the vulnerability results in information disclosure.
Remediation
Install the update from the vendor's website.