Authentication bypass in EMC Data Protection Advisor
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2017-8013 |
| CWE-ID | CWE-259 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
EMC Data Protection Advisor Server applications / Other server solutions |
| Vendor | Dell |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Use of hardcoded password
EUVDB-ID: #VU8491
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-8013
CWE-ID:
CWE-259 - Use of Hard-coded Password
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication to the target system.
The weakness exists in the EMC DPA Application service due to user of hard-coded passwords for undocumented accounts, including administrative accounts. A remote attacker can use REST APIs to bypass authentication under the context of the Administrator and gain unauthorized access to the system.
Install update (6.3 patch 67, 6.4 patch 130) from vendor's website.
EMC Data Protection Advisor: 6.3 - 6.4
CPE2.3- cpe:2.3:a:dell:emc_data_protection_advisor:6.3:*:*:*:*:*:*:*
- cpe:2.3:a:dell:emc_data_protection_advisor:6.4:*:*:*:*:*:*:*
https://seclists.org/fulldisclosure/2017/Sep/36
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
