Multiple vulnerabilities in Dell EMC Cloud Tiering Appliance



Published: 2022-10-14 | Updated: 2023-05-12
Risk High
Patch available YES
Number of vulnerabilities 18
CVE-ID CVE-2017-5648
CVE-2018-8034
CVE-2018-8014
CVE-2018-1336
CVE-2018-1305
CVE-2018-1304
CVE-2017-12617
CVE-2017-7674
CVE-2017-5664
CVE-2017-5647
CVE-2016-8735
CVE-2016-6817
CVE-2016-6816
CVE-2016-6797
CVE-2016-6796
CVE-2016-6794
CVE-2016-5018
CVE-2016-0762
CWE-ID CWE-284
CWE-264
CWE-200
CWE-835
CWE-20
CWE-119
CWE-863
Exploitation vector Network
Public exploit Vulnerability #7 is being exploited in the wild.
Vulnerability #11 is being exploited in the wild.
Public exploit code for vulnerability #13 is available.
Public exploit code for vulnerability #17 is available.
Vulnerable software
Subscribe 		EMC Cloud Tiering Appliance
Other software / Other software solutions

Vendor Dell

Security Bulletin

This security bulletin contains information about 18 vulnerabilities.

1) Security restrictions bypass

EUVDB-ID: #VU6675

Risk: Low

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-5648

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to the failure to use the appropriate facade object by certain application listener calls. A remote attacker can access and modify arbitrary data.

Mitigation

Install update from vendor's website.

Vulnerable software versions

EMC Cloud Tiering Appliance: before 13.1.0.2.20

External links

http://www.dell.com/support/kbdoc/en-us/000193541/dsa-2021-248


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Security restrictions bypass

EUVDB-ID: #VU13992

Risk: Low

CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-8034

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The vulnerability exists due to host name verification when using TLS with the WebSocket client was missing. A remote unauthenticated attacker can bypass security restrictions when using TLS.

Mitigation

Install update from vendor's website.

Vulnerable software versions

EMC Cloud Tiering Appliance: before 13.1.0.2.20

External links

http://www.dell.com/support/kbdoc/en-us/000193541/dsa-2021-248


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Information disclosure

EUVDB-ID: #VU12798

Risk: Low

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-8014

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.
The weakness exists due to the defaults settings for the CORS filter are insecure and enable supportsCredentials for all origins. It is expected that users of the CORS filter will have configured it appropriately for their environment rather than using it in the default configuration. A remote attacker can access important data.

Mitigation

Install update from vendor's website.

Vulnerable software versions

EMC Cloud Tiering Appliance: before 13.1.0.2.20

External links

http://www.dell.com/support/kbdoc/en-us/000193541/dsa-2021-248


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Infinite loop

EUVDB-ID: #VU13986

Risk: Medium

CVSSv3.1: 7.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-1336

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to improper handing of overflow in the UTF-8 decoder with supplementary characters. A remote attacker can send trigger an infinite loop in the decoder and cause the service to crash.

Mitigation

Install update from vendor's website.

Vulnerable software versions

EMC Cloud Tiering Appliance: before 13.1.0.2.20

External links

http://www.dell.com/support/kbdoc/en-us/000193541/dsa-2021-248


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Security restrictions bypass

EUVDB-ID: #VU10706

Risk: Low

CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-1305

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to security constraints defined by annotations of Servlets are only applied once a Servlet had been loaded. A remote attacker can supply a specially crafted URL pattern and any URLs below that point, bypass security restrictions and gain unauthorised access to arbitrary resources.

Mitigation

Install update from vendor's website.

Vulnerable software versions

EMC Cloud Tiering Appliance: before 13.1.0.2.20

External links

http://www.dell.com/support/kbdoc/en-us/000193541/dsa-2021-248


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Security restrictions bypass

EUVDB-ID: #VU10707

Risk: Low

CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-1304

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to the URL pattern of "" (the empty string) which exactly maps to the context root was not correctly handled when used as part of a security constraint definition. A remote attacker can supply a specially crafted URL, bypass security restrictions and gain unauthorised access to web application resources.

Mitigation

Install update from vendor's website.

Vulnerable software versions

EMC Cloud Tiering Appliance: before 13.1.0.2.20

External links

http://www.dell.com/support/kbdoc/en-us/000193541/dsa-2021-248


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Improper input validation

EUVDB-ID: #VU8669

Risk: High

CVSSv3.1: 9.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C]

CVE-ID: CVE-2017-12617

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to insufficient validation of user-supplied input when running with HTTP PUTs enabled. A remote attacker can send a specially crafted request to upload a JSP file to the server and execute arbitrary code on the system.

Successful exploitation of the vulnerability may result in full system compromise.

Mitigation

Install update from vendor's website.

Vulnerable software versions

EMC Cloud Tiering Appliance: before 13.1.0.2.20

External links

http://www.dell.com/support/kbdoc/en-us/000193541/dsa-2021-248


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

8) Improper input validation

EUVDB-ID: #VU8697

Risk: Low

CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-7674

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to conduct client and server side cache poisoning.

The weakness exists due to the failure to add an HTTP Vary header indicating that the response varies depending on Origin by the CORS Filter. A remote attacker can trick the victim to follow a specially crafted link and conduct client and server side cache poisoning.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks



Mitigation

Install update from vendor's website.

Vulnerable software versions

EMC Cloud Tiering Appliance: before 13.1.0.2.20

External links

http://www.dell.com/support/kbdoc/en-us/000193541/dsa-2021-248


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Security bypass

EUVDB-ID: #VU6950

Risk: Low

CVSSv3.1: 5.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-5664

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to improper handling of certain HTTP request methods for static error pages in Default Servlet. A remote attacker can bypass HTTP method restrictions and cause the error page to be deleted or replaced.

Successful exploitation of the vulnerability results in information modification.

Mitigation

Install update from vendor's website.

Vulnerable software versions

EMC Cloud Tiering Appliance: before 13.1.0.2.20

External links

http://www.dell.com/support/kbdoc/en-us/000193541/dsa-2021-248


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Information disclosure

EUVDB-ID: #VU6674

Risk: Low

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-5647

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists in the handling of the pipelined requests when send file was used resulted in the pipelined request being lost when send file processing of the previous request completed. A remote attacker can cause responses to appear to be sent for the wrong request.

Mitigation

Install update from vendor's website.

Vulnerable software versions

EMC Cloud Tiering Appliance: before 13.1.0.2.20

External links

http://www.dell.com/support/kbdoc/en-us/000193541/dsa-2021-248


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Remote code execution

EUVDB-ID: #VU1183

Risk: Medium

CVSSv3.1: 8.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C]

CVE-ID: CVE-2016-8735

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists within JmxRemoteLifecycleListener listener component due to usage of vulnerable Oracle code, fixed in CVE-2016-3427. A remote unauthenticated attacker with ability to connect to vulnerable listener can execute arbitrary code on the target system.

Successful exploitation of the vulnerability may allow an attacker to gain complete control over vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

EMC Cloud Tiering Appliance: before 13.1.0.2.20

External links

http://www.dell.com/support/kbdoc/en-us/000193541/dsa-2021-248


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

12) Denial of service

EUVDB-ID: #VU1185

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-6817

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a DoS attack.

The vulnerability exists due to boundary error when parsing HTTP/2 headers. A remote attacker can send a specially crafted HTTP/2 header longer than available buffer and trigger infinite loop.

Successful exploitation of the vulnerability may result in denial of service.

Mitigation

Install update from vendor's website.

Vulnerable software versions

EMC Cloud Tiering Appliance: before 13.1.0.2.20

External links

http://www.dell.com/support/kbdoc/en-us/000193541/dsa-2021-248


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Improper input validation

EUVDB-ID: #VU1184

Risk: Low

CVSSv3.1: 3.4 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2016-6816

CWE-ID: CWE-200 - Information exposure

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to manipulate HTTP responses.

The vulnerability exists due to incorrect parsing of HTTP requests. A remote attacker can send a specially crafted HTTP request containing specially crafted characters and perform XSS attacks, manipulate HTTP responses or obtain potentially sensitive data, belonging to other sessions.

Successful exploitation of the vulnerability may allow an attacker to gain access to potentially sensitive information, but requires presence of a proxy server, which does not block injected characters.

Mitigation

Install update from vendor's website.

Vulnerable software versions

EMC Cloud Tiering Appliance: before 13.1.0.2.20

External links

http://www.dell.com/support/kbdoc/en-us/000193541/dsa-2021-248


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

14) Incorrect authorization

EUVDB-ID: #VU64585

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-6797

CWE-ID: CWE-863 - Incorrect Authorization

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to ResourceLinkFactory implementation in Apache Tomcat does not limit web application access to global JNDI resources to those resources explicitly linked to the web application. A remote unauthenticated attacker can access any global JNDI resource whether an explicit ResourceLink had been configured or not.

Mitigation

Install update from vendor's website.

Vulnerable software versions

EMC Cloud Tiering Appliance: before 13.1.0.2.20

External links

http://www.dell.com/support/kbdoc/en-us/000193541/dsa-2021-248


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Security restrictions bypass

EUVDB-ID: #VU1092

Risk: Low

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-6796

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows an application to bypass security manager restrictions on the target system.
The weakness improper access control. By modifying of configuration parameters for the JSP Servlet, a malicious application can bypass a configured SecurityManager.
Successful exploitation of the vulnerability results in security bypass.

Mitigation

Install update from vendor's website.

Vulnerable software versions

EMC Cloud Tiering Appliance: before 13.1.0.2.20

External links

http://www.dell.com/support/kbdoc/en-us/000193541/dsa-2021-248


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Information disclosure

EUVDB-ID: #VU1090

Risk: Low

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-6794

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows an application to obtain potentially sensitive information on the target system.
The weakness is due to insufficient accesss control. By invoking the system property replacement feature, a malicious application can bypass a configured SecurityManager and read potentially sensitive system properties.
Successful exploitation of the vulnerability results in disclosure of important data on the vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

EMC Cloud Tiering Appliance: before 13.1.0.2.20

External links

http://www.dell.com/support/kbdoc/en-us/000193541/dsa-2021-248


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Security restrictions bypass

EUVDB-ID: #VU1093

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2016-5018

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: Yes

Description

The vulnerability allows an application to bypass security manager restrictions on the target system.
The weakness improper access control. By invoking a certain Tomcat utility method, a malicious application can bypass a configured SecurityManager.
Successful exploitation of the vulnerability results in security bypass.

Mitigation

Install update from vendor's website.

Vulnerable software versions

EMC Cloud Tiering Appliance: before 13.1.0.2.20

External links

http://www.dell.com/support/kbdoc/en-us/000193541/dsa-2021-248


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

18) Improper input validation

EUVDB-ID: #VU55165

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-0762

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to manipulate data.

The vulnerability exists due to improper input validation within the Provisioning (Apache Tomcat) component in Oracle Communications Diameter Signaling Router (DSR). A remote non-authenticated attacker can exploit this vulnerability to manipulate data.

Mitigation

Install update from vendor's website.

Vulnerable software versions

EMC Cloud Tiering Appliance: before 13.1.0.2.20

External links

http://www.dell.com/support/kbdoc/en-us/000193541/dsa-2021-248


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###