SB2022102504 - Multiple vulnerabilities in Dell EMC Data Computing Appliance (DCA)

Published: October 25, 2022

Security Bulletin ID: SB2022102504
Severity: High
Patch available: YES
Number of vulnerabilities: 40
Exploitation vector: Remote access
Highest impact: Code execution

Breakdown by Severity

High 8%, Medium 15%, Low 78%

Description

This security bulletin contains information about 40 security vulnerabilities.


1) Buffer overflow (CVE-ID: CVE-2020-8719)

The vulnerability allows a local user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in a subsystem. A local administrator can trigger memory corruption and execute arbitrary code on the target system with elevated privileges.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


2) Improper Verification of Cryptographic Signature (CVE-ID: CVE-2020-14365)

The vulnerability allows a local authenticated user to execute arbitrary code on the target system.

A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module. GPG signatures are ignored during installation even when disable_gpg_check is set to False, which is the default behavior. This flaw leads to malicious packages being installed on the system and arbitrary code executed via package installation scripts. The highest threat from this vulnerability is to integrity and system availability.


3) Buffer overflow (CVE-ID: CVE-2020-8710)

The vulnerability allows a local user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the bootloader. A local administrator can trigger memory corruption and execute arbitrary code on the target system with elevated privileges.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


4) Improper Authentication (CVE-ID: CVE-2020-8713)

The vulnerability allows a remote attacker to bypass the authentication process.

The vulnerability exists due to an error when processing authentication requests. A remote attacker on the local network can bypass the authentication process and gain elevated privileges on the target system.


5) Improper Authentication (CVE-ID: CVE-2020-8714)

The vulnerability allows a local user to bypass the authentication process.

The vulnerability exists due to an error when processing authentication requests. A local user can bypass the authentication process and gain elevated privileges on the target system.


6) Access of Uninitialized Pointer (CVE-ID: CVE-2020-8715)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an invalid pointer. A local user can cause a denial of service condition on the target system.


7) Improper Access Control (CVE-ID: CVE-2020-8716)

The vulnerability allows a local user to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions. A local user can bypass implemented security restrictions and cause a denial of service (DoS) condition on the target system.


8) Improper Input Validation (CVE-ID: CVE-2020-8717)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in a subsystem. A local user can pass specially crafted input to the application and cause a denial of service condition on the target system.


9) Buffer overflow (CVE-ID: CVE-2020-8718)

The vulnerability allows a local user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in a subsystem. A local user can trigger memory corruption and execute arbitrary code on the target system with elevated privileges.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


10) Buffer overflow (CVE-ID: CVE-2020-8720)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in a subsystem. A local administrator can trigger memory corruption and cause a denial of service on the target system.


11) Input validation error (CVE-ID: CVE-2020-14330)

The vulnerability allows a local authenticated user to gain access to sensitive information.

An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive data is exposed to content and json output. This flaw allows an attacker to access the logs or outputs of performed tasks to read keys used in playbooks from other users within the uri module. The highest threat from this vulnerability is to data confidentiality.


12) Improper Input Validation (CVE-ID: CVE-2020-8721)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to insufficient validation of user-supplied input. A local user can pass specially crafted input to the application and gain elevated privileges on the target system.


13) Buffer overflow (CVE-ID: CVE-2020-8722)

The vulnerability allows a local user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in a subsystem. A local administrator can trigger memory corruption and execute arbitrary code on the target system with elevated privileges.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


14) Cross-site scripting (CVE-ID: CVE-2020-8723)

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker on the local network can trick the victim into following a specially crafted link and execute arbitrary HTML and script code in the user's browser in the context of the vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change the appearance of the web page, and perform phishing and drive-by-download attacks.


15) Buffer overflow (CVE-ID: CVE-2020-8729)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error. A local user can trigger memory corruption and gain elevated privileges on the target system.


16) Heap-based Buffer Overflow (CVE-ID: CVE-2020-8730)

The vulnerability allows a local user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error. A local user can pass specially crafted data to the application, trigger heap-based buffer overflow and execute arbitrary code on the target system with elevated privileges.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


17) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2020-8731)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists because the application does not properly impose security restrictions, which leads to a security restrictions bypass and privilege escalation.


18) Heap-based Buffer Overflow (CVE-ID: CVE-2020-8732)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the firmware. A remote attacker on the local network can pass specially crafted data to the application, trigger heap-based buffer overflow and execute arbitrary code on the target system with elevated privileges.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


19) Access of Uninitialized Pointer (CVE-ID: CVE-2020-12300)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to an invalid pointer in BIOS firmware. A local administrator can gain elevated privileges on the target system.


20) Inclusion of Sensitive Information in Log Files (CVE-ID: CVE-2020-14332)

The vulnerability allows a local authenticated user to gain access to sensitive information.

A flaw was found in the Ansible Engine when using module_args. Tasks executed with check mode (--check-mode) do not properly neutralize sensitive data exposed in the event data. This flaw allows unauthorized users to read this data. The highest threat from this vulnerability is to confidentiality.


21) Incorrect permission assignment for critical resource (CVE-ID: CVE-2020-1736)

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists when a file is moved using "atomic_move" primitive as the file mode cannot be specified. A local user can gain unauthorized access to sensitive information on the system.


22) Use of a broken or risky cryptographic algorithm (CVE-ID: CVE-2020-12401)

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to usage of ECDSA signatures. A local user can perform a side channel attack and gain access to sensitive information.


23) Out-of-bounds read (CVE-ID: CVE-2019-11719)

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

When importing a curve25519 private key in PKCS#8 format with leading 0x00 bytes, it is possible to trigger an out-of-bounds read in the Network Security Services (NSS) library. This could lead to information disclosure. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.


24) Improper Certificate Validation (CVE-ID: CVE-2019-11727)

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to an error within the Mozilla NSS library when working with TLS certificates. A remote attacker can force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by the server in CertificateRequest in TLS 1.3. A remote attacker can perform a Man-in-the-Middle attack and gain access to sensitive information.


25) Use-after-free (CVE-ID: CVE-2019-11756)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when processing an SFTKSession object. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger a use-after-free error and crash the application or execute arbitrary code on the target system.

Successful exploitation of the vulnerability may allow an attacker to compromise the vulnerable system.


26) Heap-based buffer overflow (CVE-ID: CVE-2019-17006)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in Mozilla NSS library when processing input text length while using certain cryptographic primitives. A remote attacker can pass specially crafted data to the application, trigger heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


27) Algorithm Downgrade (CVE-ID: CVE-2019-17023)

The vulnerability allows a remote attacker to bypass certain security restrictions.

The vulnerability exists due to insecure negotiation after a HelloRetryRequest in Mozilla NSS, which can lead to selection of a less secure protocol (e.g. TLS 1.2 or below) after a TLS 1.3 HelloRetryRequest is sent.


28) Cryptographic issues (CVE-ID: CVE-2020-6829)

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to usage of the wNAF point multiplication algorithm when performing EC scalar point multiplication, which leaks partial information about the nonce used during signature generation. A remote attacker can perform an electromagnetic side-channel attack and recover the private key.


29) Use of a broken or risky cryptographic algorithm (CVE-ID: CVE-2020-12400)

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists in the Mozilla NSS library in the way the P-384 and P-521 curves are used in the generation of ECDSA signatures, leaking partial information about the ECDSA nonce. Given a small number of ECDSA signatures, this information can be used to steal the private key.


30) Cryptographic issues (CVE-ID: CVE-2020-12402)

The vulnerability allows a remote attacker to recover the secret primes.

During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm whose control flow depends significantly on the input. This allowed an attacker able to perform electromagnetic-based side-channel attacks to record traces leading to the recovery of the secret primes.


31) Double Free (CVE-ID: CVE-2019-6978)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. A remote attacker can trick the victim into opening a specially crafted input, trigger a double free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


32) Out-of-bounds read (CVE-ID: CVE-2020-12403)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition when processing data encrypted with the CHACHA20-POLY1305 ciphersuite. A remote attacker can trick the victim into connecting to a malicious server and gain access to sensitive information.


33) Observable Response Discrepancy (CVE-ID: CVE-2020-8695)

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to observable discrepancy in the Running Average Power Limit (RAPL) Interface. A local administrator can gain access to sensitive information on the target system.

Affected products:

Product Collection | Vertical Segment | CPUID
8th Generation Intel® Core™ Processor Family | Mobile | 806E9
10th Generation Intel® Core™ Processor Family | Mobile | 806EC
8th Generation Intel® Core™ Processor Family | Mobile | 906EA
9th Generation Intel® Core™ Processor Family | Mobile | 906EC
8th Generation Intel® Core™ Processor Family | Desktop | 906EA
9th Generation Intel® Core™ Processor Family | Desktop | 906EC
Intel® Xeon® Processor E Family | Server, Workstation, AMT Server | 906EA
8th Generation Intel® Core™ Processor Family | Mobile | 806EA
8th Generation Intel® Core™ Processor Family, Intel® Pentium® Gold Processor Series, Intel® Celeron® Processor G Series | Desktop | 906EB
Intel® Xeon® Processor E Family | Server, Workstation, AMT Server | 906EA
8th Generation Intel® Core™ Processor Family | Desktop | 906EA
9th Generation Intel® Core™ Processor Family | Desktop | 906ED
9th Generation Intel® Core™ Processor Family | Desktop | 906ED
10th Generation Intel® Core™ Processor Family | Mobile | A0660
10th Generation Intel® Core™ Processor Family | Mobile | A0661
10th Generation Intel® Core™ Processor Family | Mobile | 806EC
10th Generation Intel® Core™ Processor Family | Desktop | A0653
10th Generation Intel® Core™ Processor Family | Mobile | A0655
10th Generation Intel® Core™ Processor Family | Mobile | A0652
Intel® Pentium® Processor Silver Series, Intel® Celeron® Processor J Series, Intel® Celeron® Processor N Series | Desktop, Mobile, Embedded | 706A1
Intel® Pentium® Processor Silver Series, Intel® Celeron® Processor J Series, Intel® Celeron® Processor N Series | Desktop, Mobile, Embedded | 706A8
10th Generation Intel® Core™ Processor Family | Mobile | 706E5
8th Generation Intel® Core™ Processor Family | Mobile | 906E9
7th Generation Intel® Core™ Processor Family | Mobile, Embedded | 906E9
8th Generation Intel® Core™ Processor Family | Mobile | 806EA
7th Generation Intel® Core™ Processor Family | Desktop, Embedded | 906E9
7th Generation Intel® Core™ Processor Family | Mobile | 806E9
7th Generation Intel® Core™ Processor Family | Mobile | 806E9
Intel® Core™ X-series Processors | Desktop | 906E9
Intel® Xeon® Processor E3 v6 Family | Server, Workstation, AMT Server | 906E9
7th Generation Intel® Core™ Processor Family | Mobile | 806E9
6th Generation Intel® Core™ Processor Family | Mobile | 506E3
6th Generation Intel® Core™ Processor Family | Desktop, Embedded | 506E3
6th Generation Intel® Core™ Processors | Mobile | 406E3
6th Generation Intel® Core™ Processor Family | Mobile | 406E3
Intel® Xeon® Processor E3 v5 Family | Server, Workstation, AMT Server | 506E3
6th Generation Intel® Core™ Processor Family | Mobile | 406E3
8th Generation Intel® Core™ Processors | Mobile | 806EB
8th Generation Intel® Core™ Processors | Mobile | 806EC


34) Security restrictions bypass (CVE-ID: CVE-2020-8696)

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to improper removal of sensitive information before storage or transfer in some Intel(R) Processors. A local user can gain access to sensitive information on the system.


35) Security restrictions bypass (CVE-ID: CVE-2020-8698)

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to improper isolation of shared resources in some Intel(R) Processors. A local user can gain access to sensitive information on the system.


36) Heap-based buffer overflow (CVE-ID: CVE-2019-5482)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the tftp_receive_packet() function when processing TFTP data. A remote attacker can send a specially crafted TFTP response to the vulnerable curl client, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


37) XML External Entity injection (CVE-ID: CVE-2018-20843)

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to insufficient validation of user-supplied XML input, including XML names that contain a large number of colons. A remote attacker can pass specially crafted XML code to the affected application and view the contents of arbitrary files on the system or initiate requests to external systems.

Successful exploitation of the vulnerability may allow an attacker to view the contents of an arbitrary file on the server or perform network scanning of internal and external infrastructure.


38) Out-of-bounds read (CVE-ID: CVE-2019-15903)

The vulnerability allows a remote attacker to gain access to potentially sensitive information or perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error when processing XML documents within the expat library. A remote attacker can create a specially crafted XML file, pass it to the affected application, trigger an out-of-bounds read error and read the contents of memory on the system or crash the affected application.


39) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2019-12450)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists because the application applies default directory permissions to files while copying them in the file_copy_fallback() function in gio/gfile.c. A local user can interfere with the copying operation and gain access to otherwise restricted files, because the application applies the correct access permissions only after the file has been copied.

Such application behavior allows a local user to access potentially sensitive data or modify file contents, in case the directory permissions that were applied to the file allow such operations.
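Items 21 (atomic_move, where the file mode cannot be specified) and 39 (file_copy_fallback(), where the source's mode is applied only after the copy) describe the same defect: a destination file that exists for a moment with wider permissions than its source. The following Python script is an added example, not code from Dell, Ansible or GLib, and is mine rather than the bulletin's. It contrasts the copy pattern the text describes with one that sets the restrictive mode in the same call that creates the file. The `probe` hook and the `observe` helper are hypothetical names used only to measure the destination's mode while the copy is in progress; the sample file content and the 0o600/0o022 values are constructed for the demonstration.

```python
import os
import stat
import tempfile


def copy_naive(src, dst, probe=None):
    """Copy pattern the text describes: the destination is created with the
    default mode derived from the process umask, the data is written, and the
    source's restrictive mode is applied only after the copy has finished.
    `probe` is a hypothetical hook used here to observe the destination's
    mode while the copy is still in progress."""
    src_mode = stat.S_IMODE(os.stat(src).st_mode)
    with open(src, "rb") as fin, open(dst, "wb") as fout:
        if probe is not None:
            probe(dst)
        fout.write(fin.read())
    os.chmod(dst, src_mode)  # permissions are tightened only here, after the copy


def copy_hardened(src, dst, probe=None):
    """Hardened copy: the destination is created with the source's mode
    (further narrowed by the umask, never widened) in the same open() call
    that creates it, so there is no window in which it is wider than the
    source. O_EXCL makes the call fail instead of reusing a file that
    another user may have placed at the destination path."""
    src_mode = stat.S_IMODE(os.stat(src).st_mode)
    fd = os.open(dst, os.O_WRONLY | os.O_CREAT | os.O_EXCL, src_mode)
    with os.fdopen(fd, "wb") as fout, open(src, "rb") as fin:
        if probe is not None:
            probe(dst)
        fout.write(fin.read())


def observe(copy_fn, src_mode=0o600, umask=0o022):
    """Run copy_fn on a private source file under a typical umask and return
    (mode seen during the copy, final mode) as integers. Hypothetical helper
    that exists only to make the permission window measurable."""
    seen = []
    old_umask = os.umask(umask)
    try:
        with tempfile.TemporaryDirectory() as d:
            src = os.path.join(d, "secret.txt")
            dst = os.path.join(d, "copy.txt")
            with open(src, "wb") as f:
                f.write(b"constructed sample content\n")  # constructed input
            os.chmod(src, src_mode)
            copy_fn(src, dst,
                    probe=lambda p: seen.append(stat.S_IMODE(os.stat(p).st_mode)))
            final = stat.S_IMODE(os.stat(dst).st_mode)
    finally:
        os.umask(old_umask)
    return seen[0], final


if __name__ == "__main__":
    print("naive:    during=%o final=%o" % observe(copy_naive))
    print("hardened: during=%o final=%o" % observe(copy_hardened))
```

With a 0o600 source and a 0o022 umask, the naive copy is briefly readable by every local user (0o644) before `chmod` narrows it; the hardened copy never is. Passing the mode at creation time is also what makes a "cannot specify the file mode" primitive, as in item 21, unsuitable for anything that may hold secrets.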


40) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2019-14822)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists because iBus does not check user privileges when allowing a connection to the AF_UNIX socket. A local user can connect to an existing AF_UNIX socket and perform arbitrary actions, such as reading and sending messages on behalf of another user connected to a graphical environment.
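The mitigation for item 40 is for the socket owner to verify who is connecting. The script below is an added example written for this bulletin, not iBus code and not Dell's: a minimal AF_UNIX server that layers two checks, a 0o600 mode on the socket file and a per-connection comparison of the kernel-reported peer uid (Linux `SO_PEERCRED`, so this assumes Linux) against the owning user. `make_listener`, `handle_one`, `request`, `demo` and `current_uid` are hypothetical names chosen for the example; the client runs in the same process, so a mismatching uid is simulated by passing a different allowed uid to the server.

```python
import os
import socket
import struct
import tempfile
import threading


def peer_uid(conn):
    """Return the uid of the process on the other end of a connected AF_UNIX
    socket, as reported by the kernel (Linux SO_PEERCRED: pid, uid, gid).
    This value cannot be forged by the peer."""
    raw = conn.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED,
                          struct.calcsize("3i"))
    _pid, uid, _gid = struct.unpack("3i", raw)
    return uid


def make_listener(path):
    """Bind a listening AF_UNIX socket. The socket file's mode is the first,
    filesystem-level layer of access control (hypothetical helper)."""
    srv = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    srv.bind(path)
    os.chmod(path, 0o600)
    srv.listen(1)
    return srv


def handle_one(srv, allowed_uid):
    """Accept a single connection and enforce the second layer: the peer's
    kernel-reported uid must match the owning user, otherwise the connection
    is refused before any message is read or acted on."""
    conn, _ = srv.accept()
    with conn:
        if peer_uid(conn) != allowed_uid:
            conn.sendall(b"denied")
        else:
            conn.sendall(b"ok")


def request(path):
    """Client side: connect to the socket and return the one-word reply."""
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as cli:
        cli.connect(path)
        return cli.recv(16)


def current_uid():
    """The uid of this process, i.e. the legitimate owner in the demo."""
    return os.getuid()


def demo(allowed_uid):
    """Run a server that admits only `allowed_uid`, connect to it from this
    process, and return the reply (b'ok' or b'denied')."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "ibus.sock")
        srv = make_listener(path)  # listening before the client connects: no race
        try:
            t = threading.Thread(target=handle_one, args=(srv, allowed_uid))
            t.start()
            reply = request(path)
            t.join()
        finally:
            srv.close()
        return reply


if __name__ == "__main__":
    print(demo(current_uid()))       # owner connecting
    print(demo(current_uid() + 1))   # same client, server expects another user
```

The file mode alone is not sufficient on its own (the directory holding the socket, or a socket inherited across a privilege boundary, can still expose it), which is why the peer-credential check is done on every accepted connection rather than only at bind time.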


Remediation

Install the update from the vendor's website.