SB2022110940 - Multiple vulnerabilities in Dell EMC Search

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2022110940

SB2022110940 - Multiple vulnerabilities in Dell EMC Search

Published: November 9, 2022 Updated: March 28, 2023

Security Bulletin ID SB2022110940
Severity
High
Patch available
YES
Number of vulnerabilities 10
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 10% Medium 20% Low 70%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 10 secuirty vulnerabilities.


1) Stack-based buffer overflow (CVE-ID: CVE-2018-14633)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing client digest packets in chap_server_compute_md5() function when processing authentication request from an ISCSI initiator. A remote attacker can send an overly long value (longer than 32 bytes), trigger stack-based buffer overflow and execute arbitrary code on the target system.

2) Privilege escalation (CVE-ID: CVE-2018-15686)

The vulnerability allows a remote attacker to gain elevated privileges on the target system.

The weakness exists due to an error in unit_deserialize of systemd. A remote attacker can supply arbitrary state across systemd re-execution via NotifyAccess and gain root privileges.


3) Heap out-of-bounds write (CVE-ID: CVE-2018-15688)

The vulnerability allows a remote attacker to cause DoS condition or execute arbitrary code with elevated privileges.

The weakness exists within the written-from-scratch DHCPv6 client of the open-source Systemd management suite due to an out-of-bounds heap write in the DHCPv6 client when handling options sent by network adjacent DHCP servers. A remote attacker can supply maliciously crafted DHCPv6 packets, exploit the programming cockup, arbitrarily change parts of memory to crash or execute arbitrary code on the vulnerable Systemd-powered Linux machines.


4) Use-after-free error (CVE-ID: CVE-2018-16840)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to use-after-free error in closing an easy handle in the 'Curl_close()' function. A remote unauthenticated attacker can specially crafted data, trigger memory corruption and cause the service to crash.


5) Command injection (CVE-ID: CVE-2018-1000802)

The vulnerability allows a remote attacker to execute arbitrary commands on the target system.

The vulnerability exists due to command injection in shutil module (make_archive function). A remote attacker can supply passage of unfiltered user input to the function and inject arbitrary commands to access arbitrary data or cause the service to crash.


6) Division by zero (CVE-ID: CVE-2018-11212)

The vulnerability allows a remote attacker to cause DoS condition.

The weakness exists due to division by zero error within the libjpeg library within the libjpeg-turbo in alloc_sarray() function of jmemmgr.c file. A remote attacker can pass a specially crafted file the to affected application and cause application to crash.

7) Information disclosure (CVE-ID: CVE-2019-2422)

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to unspecified flaw in Libraries component. A remote attacker can gain access to sensitive information on the system.

8) Information disclosure (CVE-ID: CVE-2019-2426)

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to unspecified flaw in Networking component. A remote attacker read arbitrary data.

9) Denial of service (CVE-ID: CVE-2019-2449)

The vulnerability allows a remote attacker to cause DoS condition.

The weakness exists due to unspecified flaw in Deployment component. A remote attacker cause the service to crash.

10) Improper access control (CVE-ID: CVE-2019-2540)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Vulnerability in the Java Advanced Management Console component of Oracle Java SE (subcomponent: Server). The supported version that is affected is Java Advanced Management Console: 2.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java Advanced Management Console. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java Advanced Management Console, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java Advanced Management Console accessible data as well as unauthorized read access to a subset of Java Advanced Management Console accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).


Remediation

Install update from vendor's website.

References