Multiple vulnerabilities in Dell EMC PowerStore Family Operating System



Published: 2022-10-24
Risk Medium
Patch available YES
Number of vulnerabilities 4
CVE-ID CVE-2020-11612
CVE-2019-20444
CVE-2019-20445
CVE-2019-16869
CWE-ID CWE-400
CWE-444
CWE-113
Exploitation vector Network
Public exploit Public exploit code for vulnerability #2 is available.
Vulnerable software
Subscribe 		Dell EMC PowerStore Family Operating System
Other software / Other software solutions

Vendor Dell

Security Bulletin

This security bulletin contains information about 4 vulnerabilities.

1) Resource exhaustion

EUVDB-ID: #VU27513

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-11612

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources within ZlibDecoders in Netty while decoding a ZlibEncoded byte stream. A remote attacker can trigger resource exhaustion by passing an overly large ZlibEncoded byte stream to the Netty server, forcing the server to allocate all of its free memory to a single decoder.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Dell EMC PowerStore Family Operating System: before 1.0.4.0.5.003

External links

http://www.dell.com/support/kbdoc/en-us/000182932/dsa-2021-034-dell-emc-powerstore-family-security-update-for-netty-vulnerabilities


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Inconsistent interpretation of HTTP requests

EUVDB-ID: #VU25355

Risk: Medium

CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2019-20444

CWE-ID: CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform HTTP request smuggling attacks.

The vulnerability exists due to incorrect processing of HTTP headers without the colon within the HttpObjectDecoder.java file in Netty. A remote attacker can send a specially crafted HTTP request to the application and perform HTTP request smuggling attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Dell EMC PowerStore Family Operating System: before 1.0.4.0.5.003

External links

http://www.dell.com/support/kbdoc/en-us/000182932/dsa-2021-034-dell-emc-powerstore-family-security-update-for-netty-vulnerabilities


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

3) HTTP response splitting

EUVDB-ID: #VU25598

Risk: Medium

CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-20445

CWE-ID: CWE-113 - Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform HTTP splitting attacks.

The vulnerability exists due to software does not corrector process CRLF character sequences within the HttpObjectDecoder.java in Netty, which allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header. A remote attacker can send specially crafted request containing CRLF sequence and make the application to send a split HTTP response.

Successful exploitation of the vulnerability may allow an attacker perform cache poisoning attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Dell EMC PowerStore Family Operating System: before 1.0.4.0.5.003

External links

http://www.dell.com/support/kbdoc/en-us/000182932/dsa-2021-034-dell-emc-powerstore-family-security-update-for-netty-vulnerabilities


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Inconsistent interpretation of HTTP requests

EUVDB-ID: #VU22825

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-16869

CWE-ID: CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform HTTP request smuggling attack.

The vulnerability exists due to improper input validation when processing a whitespace before the colon in HTTP headers (e.g. "Transfer-Encoding : chunked"). A remote attacker can send a specially crafted HTTP request and perform HTTP request smuggling attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Dell EMC PowerStore Family Operating System: before 1.0.4.0.5.003

External links

http://www.dell.com/support/kbdoc/en-us/000182932/dsa-2021-034-dell-emc-powerstore-family-security-update-for-netty-vulnerabilities


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###