#VU15680 Security restrictions bypass in EMC Integrated Data Protection Appliance - CVE-2018-11062
Published: October 31, 2018 / Updated: November 1, 2018
Vulnerability identifier: #VU15680
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2018-11062
CWE-ID: CWE-264
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
EMC Integrated Data Protection Appliance
EMC Integrated Data Protection Appliance
Software vendor:
Dell
Dell
Description
The vulnerability allows a remote attacker to bypass security restrictions on the target system.
The vulnerability exists due to unspecified flaw. A remote unauthenticated attacker with knowledge of the default credentials can gain unauthorized access to the system and perform unauthorized actions that may lead to further attacks.
Remediation
Follow the steps below to remove the user accounts named "support" and "admin" from the impacted virtual machines in
the Integrated Data Protection Appliance:
- Log in to Data Protection Advisor - Datastore Server Virtual Machine using an SSH client such as PuTTY, as root user
and execute the following commands:
- Delete the user "support"
userdel support
- Delete the user "admin"
userdel admin
- Verify that the accounts are deleted. The following commands should display "no such user" as the output.
id support
id admin
the Integrated Data Protection Appliance:
- Log in to Data Protection Advisor - Datastore Server Virtual Machine using an SSH client such as PuTTY, as root user
and execute the following commands:
- Delete the user "support"
userdel support
- Delete the user "admin"
userdel admin
- Verify that the accounts are deleted. The following commands should display "no such user" as the output.
id support
id admin