Multiple vulnerabilities in Dell EMC VxRail Appliance



Published: 2022-10-18
Risk High
Patch available YES
Number of vulnerabilities 11
CVE-ID CVE-2021-21994
CVE-2021-21995
CVE-2020-24511
CVE-2020-12357
CVE-2020-12358
CVE-2020-12360
CVE-2020-24486
CVE-2021-21579
CVE-2021-21578
CVE-2021-21577
CVE-2021-21576
CWE-ID CWE-287
CWE-125
CWE-200
CWE-665
CWE-119
CWE-20
CWE-601
CWE-79
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
Dell EMC VxRail Appliance
Hardware solutions / Routers & switches, VoIP, GSM, etc

Vendor Dell

Security Bulletin

This security bulletin contains information about 11 vulnerabilities.

1) Improper Authentication

EUVDB-ID: #VU54814

Risk: High

CVSSv3.1: 7.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-21994

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an error in when processing authentication requests in SFCB (Small Footprint CIM Broker). A remote attacker can send specially crafted requests to port 5989/tcp, bypass SFCB authentication and gain unauthorized access to the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Dell EMC VxRail Appliance: before 4.5.462

CPE2.3
External links

http://www.dell.com/support/kbdoc/en-us/000190011/dsa-2021-155-dell-emc-vxrail-appliance-security-update-for-multiple-third-party-component-vulnerabilities


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Out-of-bounds read

EUVDB-ID: #VU54816

Risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-21995

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition when processing requests within the OpenSLP service. A remote attacker can send a specially crafted request to port 427/UDP, trigger a heap out-of-bounds read and perform a denial of service attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Dell EMC VxRail Appliance: before 4.5.462

CPE2.3
External links

http://www.dell.com/support/kbdoc/en-us/000190011/dsa-2021-155-dell-emc-vxrail-appliance-security-update-for-multiple-third-party-component-vulnerabilities


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Information disclosure

EUVDB-ID: #VU54203

Risk: Low

CVSSv3.1: 4.9 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-24511

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to improper isolation of shared resources. A local user can gain unauthorized access to sensitive information on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Dell EMC VxRail Appliance: before 4.5.462

CPE2.3
External links

http://www.dell.com/support/kbdoc/en-us/000190011/dsa-2021-155-dell-emc-vxrail-appliance-security-update-for-multiple-third-party-component-vulnerabilities


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Improper Initialization

EUVDB-ID: #VU54161

Risk: Low

CVSSv3.1: 6.5 [CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-12357

CWE-ID: CWE-665 - Improper Initialization

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper initialization in the firmware. A local administrator can run a specially crafted application to execute arbitrary code with escalated privileges on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Dell EMC VxRail Appliance: before 4.5.462

CPE2.3
External links

http://www.dell.com/support/kbdoc/en-us/000190011/dsa-2021-155-dell-emc-vxrail-appliance-security-update-for-multiple-third-party-component-vulnerabilities


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Buffer overflow

EUVDB-ID: #VU54165

Risk: Low

CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-12358

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error when in the firmware. A local administrator can trigger memory corruption and cause a denial of service condition on the target system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Dell EMC VxRail Appliance: before 4.5.462

CPE2.3
External links

http://www.dell.com/support/kbdoc/en-us/000190011/dsa-2021-155-dell-emc-vxrail-appliance-security-update-for-multiple-third-party-component-vulnerabilities


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Out-of-bounds read

EUVDB-ID: #VU54167

Risk: Low

CVSSv3.1: 4.9 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-12360

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in the firmware. A local user can trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Dell EMC VxRail Appliance: before 4.5.462

CPE2.3
External links

http://www.dell.com/support/kbdoc/en-us/000190011/dsa-2021-155-dell-emc-vxrail-appliance-security-update-for-multiple-third-party-component-vulnerabilities


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Input validation error

EUVDB-ID: #VU54168

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-24486

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in the firmware. A local user can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Dell EMC VxRail Appliance: before 4.5.462

CPE2.3
External links

http://www.dell.com/support/kbdoc/en-us/000190011/dsa-2021-155-dell-emc-vxrail-appliance-security-update-for-multiple-third-party-component-vulnerabilities


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Open redirect

EUVDB-ID: #VU62642

Risk: Medium

CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-21579

CWE-ID: CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')

Exploit availability: No

Description

The vulnerability allows a remote attacker to redirect victims to arbitrary URL.

The vulnerability exists due to improper sanitization of user-supplied data. A remote attacker can create a link that leads to a trusted website, however, when clicked, redirects the victim to arbitrary domain.

Successful exploitation of this vulnerability may allow a remote attacker to perform a phishing attack and steal potentially sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Dell EMC VxRail Appliance: before 4.5.462

CPE2.3
External links

http://www.dell.com/support/kbdoc/en-us/000190011/dsa-2021-155-dell-emc-vxrail-appliance-security-update-for-multiple-third-party-component-vulnerabilities


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Open redirect

EUVDB-ID: #VU62639

Risk: Medium

CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-21578

CWE-ID: CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')

Exploit availability: No

Description

The vulnerability allows a remote attacker to redirect victims to arbitrary URL.

The vulnerability exists due to improper sanitization of user-supplied data. A remote attacker can create a link that leads to a trusted website, however, when clicked, redirects the victim to arbitrary domain.

Successful exploitation of this vulnerability may allow a remote attacker to perform a phishing attack and steal potentially sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Dell EMC VxRail Appliance: before 4.5.462

CPE2.3
External links

http://www.dell.com/support/kbdoc/en-us/000190011/dsa-2021-155-dell-emc-vxrail-appliance-security-update-for-multiple-third-party-component-vulnerabilities


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Cross-site scripting

EUVDB-ID: #VU62637

Risk: Low

CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-21577

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Dell EMC VxRail Appliance: before 4.5.462

CPE2.3
External links

http://www.dell.com/support/kbdoc/en-us/000190011/dsa-2021-155-dell-emc-vxrail-appliance-security-update-for-multiple-third-party-component-vulnerabilities


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Cross-site scripting

EUVDB-ID: #VU62636

Risk: Low

CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-21576

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Dell EMC VxRail Appliance: before 4.5.462

CPE2.3
External links

http://www.dell.com/support/kbdoc/en-us/000190011/dsa-2021-155-dell-emc-vxrail-appliance-security-update-for-multiple-third-party-component-vulnerabilities


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###