SB2022101411 - Multiple vulnerabilities in Dell EMC Cloud Tiering Appliance
Published: October 14, 2022 Updated: May 12, 2023
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 18 secuirty vulnerabilities.
1) Security restrictions bypass (CVE-ID: CVE-2017-5648)
The vulnerability allows a remote attacker to bypass security restrictions on the target system.The weakness exists due to the failure to use the appropriate facade object by certain application listener calls. A remote attacker can access and modify arbitrary data.
2) Security restrictions bypass (CVE-ID: CVE-2018-8034)
The vulnerability allows a remote attacker to bypass security restrictions on the target system.
The vulnerability exists due to host name verification when using TLS with the WebSocket client was missing. A remote unauthenticated attacker can bypass security restrictions when using TLS.
3) Information disclosure (CVE-ID: CVE-2018-8014)
supportsCredentials for all origins. It is expected that users of the CORS filter will have configured it appropriately for their environment rather than using it in the default configuration. A remote attacker can access important data.4) Infinite loop (CVE-ID: CVE-2018-1336)
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists due to improper handing of overflow in the UTF-8 decoder with supplementary characters. A remote attacker can send trigger an infinite loop in the decoder and cause the service to crash.
5) Security restrictions bypass (CVE-ID: CVE-2018-1305)
The vulnerability allows a remote attacker to bypass security restrictions on the target system.The weakness exists due to security constraints defined by annotations of Servlets are only applied once a Servlet had been loaded. A remote attacker can supply a specially crafted URL pattern and any URLs below that point, bypass security restrictions and gain unauthorised access to arbitrary resources.
6) Security restrictions bypass (CVE-ID: CVE-2018-1304)
The vulnerability allows a remote attacker to bypass security restrictions on the target system.The weakness exists due to the URL pattern of "" (the empty string) which exactly maps to the context root was not correctly handled when used as part of a security constraint definition. A remote attacker can supply a specially crafted URL, bypass security restrictions and gain unauthorised access to web application resources.
7) Improper input validation (CVE-ID: CVE-2017-12617)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists due to insufficient validation of user-supplied input when running with HTTP PUTs enabled. A remote attacker can send a specially crafted request to upload a JSP file to the server and execute arbitrary code on the system.
Successful exploitation of the vulnerability may result in full system compromise.
8) Improper input validation (CVE-ID: CVE-2017-7674)
The vulnerability allows a remote attacker to conduct client and server side cache poisoning.The weakness exists due to the failure to add an HTTP Vary header indicating that the response varies depending on Origin by the CORS Filter. A remote attacker can trick the victim to follow a specially crafted link and conduct client and server side cache poisoning.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks
9) Security bypass (CVE-ID: CVE-2017-5664)
The vulnerability allows a remote attacker to bypass security restrictions on the target system.The weakness exists due to improper handling of certain HTTP request methods for static error pages in Default Servlet. A remote attacker can bypass HTTP method restrictions and cause the error page to be deleted or replaced.
Successful exploitation of the vulnerability results in information modification.
10) Information disclosure (CVE-ID: CVE-2017-5647)
The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.The weakness exists in the handling of the pipelined requests when send file was used resulted in the pipelined request being lost when send file processing of the previous request completed. A remote attacker can cause responses to appear to be sent for the wrong request.
11) Remote code execution (CVE-ID: CVE-2016-8735)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists within JmxRemoteLifecycleListener listener component due to usage of vulnerable Oracle code, fixed in CVE-2016-3427. A remote unauthenticated attacker with ability to connect to vulnerable listener can execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to gain complete control over vulnerable system.
12) Denial of service (CVE-ID: CVE-2016-6817)
The vulnerability allows a remote attacker to perform a DoS attack.
The vulnerability exists due to boundary error when parsing HTTP/2 headers. A remote attacker can send a specially crafted HTTP/2 header longer than available buffer and trigger infinite loop.
Successful exploitation of the vulnerability may result in denial of service.
13) Improper input validation (CVE-ID: CVE-2016-6816)
The vulnerability allows a remote attacker to manipulate HTTP responses.
The vulnerability exists due to incorrect parsing of HTTP requests. A remote attacker can send a specially crafted HTTP request containing specially crafted characters and perform XSS attacks, manipulate HTTP responses or obtain potentially sensitive data, belonging to other sessions.
Successful exploitation of the vulnerability may allow an attacker to gain access to potentially sensitive information, but requires presence of a proxy server, which does not block injected characters.
14) Incorrect authorization (CVE-ID: CVE-2016-6797)
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to ResourceLinkFactory implementation in Apache Tomcat does not limit web application access to global JNDI resources to those resources explicitly linked to the web application. A remote unauthenticated attacker can access any global JNDI resource whether an explicit ResourceLink had been configured or not.
15) Security restrictions bypass (CVE-ID: CVE-2016-6796)
The vulnerability allows an application to bypass security manager restrictions on the target system.The weakness improper access control. By modifying of configuration parameters for the JSP Servlet, a malicious application can bypass a configured SecurityManager.
Successful exploitation of the vulnerability results in security bypass.
16) Information disclosure (CVE-ID: CVE-2016-6794)
The vulnerability allows an application to obtain potentially sensitive information on the target system.The weakness is due to insufficient accesss control. By invoking the system property replacement feature, a malicious application can bypass a configured SecurityManager and read potentially sensitive system properties.
Successful exploitation of the vulnerability results in disclosure of important data on the vulnerable system.
17) Security restrictions bypass (CVE-ID: CVE-2016-5018)
The vulnerability allows an application to bypass security manager restrictions on the target system.The weakness improper access control. By invoking a certain Tomcat utility method, a malicious application can bypass a configured SecurityManager.
Successful exploitation of the vulnerability results in security bypass.
18) Improper input validation (CVE-ID: CVE-2016-0762)
The vulnerability allows a remote non-authenticated attacker to manipulate data.
The vulnerability exists due to improper input validation within the Provisioning (Apache Tomcat) component in Oracle Communications Diameter Signaling Router (DSR). A remote non-authenticated attacker can exploit this vulnerability to manipulate data.
Remediation
Install update from vendor's website.