Multiple vulnerabilities in Dell VxRail Appliance



Published: 2022-10-20
Risk Critical
Patch available YES
Number of vulnerabilities 2
CVE-ID CVE-2021-21985
CVE-2021-21986
CWE-ID CWE-20
CWE-287
Exploitation vector Network
Public exploit Vulnerability #1 is being exploited in the wild.
Vulnerable software
Subscribe 		Dell EMC VxRail Appliance
Hardware solutions / Routers & switches, VoIP, GSM, etc

Vendor Dell

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Input validation error

EUVDB-ID: #VU53595

Risk: Critical

CVSSv3.1: 9.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C]

CVE-ID: CVE-2021-21985

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to insufficient validation of user-supplied input within the Virtual SAN Health Check plug-in, which is enabled by default. A remote non-authenticated attacker can send a specially crafted HTTP request to the vSphere Client available at port 443/tcp and execute arbitrary commands with unrestricted privileges on the underlying operating system that hosts vCenter Server.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Dell EMC VxRail Appliance: before 4.5.461

External links

http://www.dell.com/support/kbdoc/en-us/000187812/dsa-2021-112-dell-vxrail-appliance-security-update-for-multiple-vmware-vulnerabilities


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

2) Improper Authentication

EUVDB-ID: #VU53596

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-21986

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an error in when processing authentication requests to the Virtual SAN Health Check, Site Recovery, vSphere Lifecycle Manager, and VMware Cloud Director Availability plug-ins. A remote non-authenticated attacker can bypass authentication process and gain unauthorized access to the application.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Dell EMC VxRail Appliance: before 4.5.461

External links

http://www.dell.com/support/kbdoc/en-us/000187812/dsa-2021-112-dell-vxrail-appliance-security-update-for-multiple-vmware-vulnerabilities


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###