Multiple vulnerabilities in Dell EMC Integrated Data Protection Appliance



Published: 2022-11-04
Risk Medium
Patch available YES
Number of vulnerabilities 9
CVE-ID CVE-2019-11091
CVE-2019-5516
CVE-2019-5517
CVE-2019-5518
CVE-2019-5519
CVE-2019-5521
CVE-2019-5528
CVE-2019-5531
CVE-2019-5684
CWE-ID CWE-200
CWE-125
CWE-119
CWE-749
CWE-613
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
EMC Integrated Data Protection Appliance
Server applications / IDS/IPS systems, Firewalls and proxy servers

Vendor Dell

Security Bulletin

This security bulletin contains information about 9 vulnerabilities.

1) Information disclosure

EUVDB-ID: #VU28398

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2019-11091

CWE-ID: CWE-200 - Information Exposure

Exploit availability: No

Description

The vulnerability allows a local authenticated user to gain access to sensitive information.

Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf

Mitigation

Install update from vendor's website.

Vulnerable software versions

EMC Integrated Data Protection Appliance: 2.0 - 2.3


CPE2.3 External links

http://www.dell.com/support/kbdoc/en-us/000153625/dsa-2019-179-dell-emc-integrated-data-protection-appliance-security-update-for-vsphere-esxi-and-vcenter-vulnerabilities

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

2) Out-of-bounds read

EUVDB-ID: #VU22327

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2019-5516

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in the vertex shader functionality. A remote authenticated attacker with access to a virtual machine with 3D graphics enabled can trigger out-of-bounds read error and read contents of memory on the system or cause a denial of service (DoS) condition on their own VM.

Mitigation

Install update from vendor's website.

Vulnerable software versions

EMC Integrated Data Protection Appliance: 2.0 - 2.3


CPE2.3 External links

http://www.dell.com/support/kbdoc/en-us/000153625/dsa-2019-179-dell-emc-integrated-data-protection-appliance-security-update-for-vsphere-esxi-and-vcenter-vulnerabilities

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

3) Out-of-bounds read

EUVDB-ID: #VU22328

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2019-5517

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in the shader translator. A remote authenticated attacker with access to a virtual machine with 3D graphics enabled can trigger out-of-bounds read error and read contents of memory on the system or cause a denial of service (DoS) condition on their own VM.

Mitigation

Install update from vendor's website.

Vulnerable software versions

EMC Integrated Data Protection Appliance: 2.0 - 2.3


CPE2.3 External links

http://www.dell.com/support/kbdoc/en-us/000153625/dsa-2019-179-dell-emc-integrated-data-protection-appliance-security-update-for-vsphere-esxi-and-vcenter-vulnerabilities

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

4) Buffer overflow

EUVDB-ID: #VU22408

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2019-5518

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the virtual USB 1.1 UHCI (Universal Host Controller Interface). An attacker with physical access to a virtual machine with a virtual USB controller present can trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

EMC Integrated Data Protection Appliance: 2.0 - 2.3


CPE2.3 External links

http://www.dell.com/support/kbdoc/en-us/000153625/dsa-2019-179-dell-emc-integrated-data-protection-appliance-security-update-for-vsphere-esxi-and-vcenter-vulnerabilities

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

5) Time-of-check Time-of-use (TOCTOU) Race Condition

EUVDB-ID: #VU22409

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2019-5519

CWE-ID: N/A

Exploit availability: No

Description

The vulnerability allows a local attacker to execute arbitrary code on the target system.

The vulnerabity exists due to the Time-of-check Time-of-use (TOCTOU) vulnerability in the virtual USB 1.1 UHCI (Universal Host Controller Interface). An attacker with physical access to a virtual machine with a virtual USB controller present can execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


Mitigation

Install update from vendor's website.

Vulnerable software versions

EMC Integrated Data Protection Appliance: 2.0 - 2.3


CPE2.3 External links

http://www.dell.com/support/kbdoc/en-us/000153625/dsa-2019-179-dell-emc-integrated-data-protection-appliance-security-update-for-vsphere-esxi-and-vcenter-vulnerabilities

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

6) Out-of-bounds read

EUVDB-ID: #VU19920

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2019-5521

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the pixel shader functionality. A remote unprivileged user with access to a guest operating system can trigger out-of-bounds read error and read contents of memory on the system on perform a denial of service attack.


Mitigation

Install update from vendor's website.

Vulnerable software versions

EMC Integrated Data Protection Appliance: 2.0 - 2.3


CPE2.3 External links

http://www.dell.com/support/kbdoc/en-us/000153625/dsa-2019-179-dell-emc-integrated-data-protection-appliance-security-update-for-vsphere-esxi-and-vcenter-vulnerabilities

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

7) Exposed dangerous method or function

EUVDB-ID: #VU22326

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2019-5528

CWE-ID: CWE-749 - Exposed Dangerous Method or Function

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause a denial of service (DoS) condition on the target system.

The vulnerability exists due to the affected software provides an interface includes a dangerous method or function that is not properly restricted. A remote attacker can send a specially crafted request and cause the hostd service to become unresponsive, resulting in a partial denial of service for management functionality.

Mitigation

Install update from vendor's website.

Vulnerable software versions

EMC Integrated Data Protection Appliance: 2.0 - 2.3


CPE2.3 External links

http://www.dell.com/support/kbdoc/en-us/000153625/dsa-2019-179-dell-emc-integrated-data-protection-appliance-security-update-for-vsphere-esxi-and-vcenter-vulnerabilities

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

8) Insufficient Session Expiration

EUVDB-ID: #VU21147

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2019-5531

CWE-ID: CWE-613 - Insufficient Session Expiration

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to insufficient session expiration issue. A remote non-authenticated attacker can obtain or guess session token and gain unauthorized access to session that belongs to another user.

Mitigation

Install update from vendor's website.

Vulnerable software versions

EMC Integrated Data Protection Appliance: 2.0 - 2.3


CPE2.3 External links

http://www.dell.com/support/kbdoc/en-us/000153625/dsa-2019-179-dell-emc-integrated-data-protection-appliance-security-update-for-vsphere-esxi-and-vcenter-vulnerabilities

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

9) Out-of-bounds write

EUVDB-ID: #VU19921

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2019-5684

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input. A remote unprivileged user with access to a guest operating system can trigger out-of-bounds write and execute arbitrary code on the target system.

Note, the vulnerability can be exploited only if the host has an affected NVIDIA graphics driver.

Mitigation

Install update from vendor's website.

Vulnerable software versions

EMC Integrated Data Protection Appliance: 2.0 - 2.3


CPE2.3 External links

http://www.dell.com/support/kbdoc/en-us/000153625/dsa-2019-179-dell-emc-integrated-data-protection-appliance-security-update-for-vsphere-esxi-and-vcenter-vulnerabilities

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###