Multiple vulnerabilities in Multiple N series Products



| Updated: 2023-05-22
Risk High
Patch available YES
Number of vulnerabilities 6
CVE-ID CVE-2016-2107
CVE-2016-2105
CVE-2016-2106
CVE-2016-2109
CVE-2016-2176
CVE-2016-2108
CWE-ID CWE-284
CWE-20
CWE-119
CWE-126
CWE-120
Exploitation vector Network
Public exploit Public exploit code for vulnerability #1 is available.
Vulnerable software
 Data ONTAP operating in 7-Mode
Operating systems & Components / Operating system package or component

SnapDrive for Unix
Other software / Other software solutions

SnapDrive for Windows
Other software / Other software solutions

Vendor NetApp

Security Bulletin

This security bulletin contains information about 6 vulnerabilities.

1) Traffic decryption

EUVDB-ID: #VU639

Risk: High

CVSSv4.0: 7.8 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/U:Amber]

CVE-ID: CVE-2016-2107

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: Yes

Description

The vulnerability allows a remote user to decrypt traffic on the target system.

The weakness is due to access control error.If the connection uses an AES CBC cipher and the server support AES-NI attackers can perform padding oracle attack.

Successful exploitation of the vulnerability leads to traffic decryption on the vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Data ONTAP operating in 7-Mode: 8.2.1 - 8.2.4

SnapDrive for Unix: 5.2 - 5.3

SnapDrive for Windows: 7.1.1 - 7.1.3

CPE2.3 External links

https://www.ibm.com/support/pages/node/698395


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

2) Heap overflow

EUVDB-ID: #VU640

Risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2016-2105

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote user to cause heap overflow on the target system.

The weakness is caused by insufficient input validation. By sending a great deal of input data attackers are able to cause overflow of the EVP_EncodeUpdate() function used for binary data encoding.

Successful exploitation of the vulnerability may result in heap overflow on the vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Data ONTAP operating in 7-Mode: 8.2.1 - 8.2.4

SnapDrive for Unix: 5.2 - 5.3

SnapDrive for Windows: 7.1.1 - 7.1.3

CPE2.3 External links

https://www.ibm.com/support/pages/node/698395


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Input validation error

EUVDB-ID: #VU33809

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2016-2106

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of data.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Data ONTAP operating in 7-Mode: 8.2.1 - 8.2.4

SnapDrive for Unix: 5.2 - 5.3

SnapDrive for Windows: 7.1.1 - 7.1.3

CPE2.3 External links

https://www.ibm.com/support/pages/node/698395


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Excessive memory allocation

EUVDB-ID: #VU641

Risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2016-2109

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote user to cause excessive memory allocation on the target system.

The weakness exists during reading ASN.1 data by d2i_CMS_bio() function. A short invalid encoding leads to distribution of large amounts of memory for excessive resources or exhausting memory.

Successful exploitation of the vulnerability may result in excessive memory allocation.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Data ONTAP operating in 7-Mode: 8.2.1 - 8.2.4

SnapDrive for Unix: 5.2 - 5.3

SnapDrive for Windows: 7.1.1 - 7.1.3

CPE2.3 External links

https://www.ibm.com/support/pages/node/698395


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Buffer Over-read

EUVDB-ID: #VU642

Risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2016-2176

CWE-ID: CWE-126 - Buffer over-read

Exploit availability: No

Description

The vulnerability allows a remote to cause buffer over-read on the target system.

The weakness exists due to overread in applications using the X509_NAME_oneline() function on EBCDIC systems. The vulnerability leads to arbitrary stack data return to the buffer.

Successful exploitation of the weakness results in buffer over-read on the vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Data ONTAP operating in 7-Mode: 8.2.1 - 8.2.4

SnapDrive for Unix: 5.2 - 5.3

SnapDrive for Windows: 7.1.1 - 7.1.3

CPE2.3 External links

https://www.ibm.com/support/pages/node/698395


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Memory corruption

EUVDB-ID: #VU638

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2016-2108

CWE-ID: CWE-120 - Buffer overflow

Exploit availability: No

Description

The vulnerability allows a remote user to cause memory corruption on the target system.

The weakness exists due to buffer underflow with an out-of-bounds write in i2c_ASN1_INTEGER. As ASN.1 parser (specifically, d2i_ASN1_TYPE) can misinterpret a large universal tag as a negative zero value, attacker may easily corrupt memory.

Successful exploitation of the vulnerability will allow a malicious user to trigger memory corruption on the vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Data ONTAP operating in 7-Mode: 8.2.1 - 8.2.4

SnapDrive for Unix: 5.2 - 5.3

SnapDrive for Windows: 7.1.1 - 7.1.3

CPE2.3 External links

https://www.ibm.com/support/pages/node/698395


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###