Multiple vulnerabilities in Dell EMC PowerFlex rack
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 19 |
| CVE-ID | CVE-2020-11905 CVE-2020-11914 CVE-2020-11913 CVE-2020-11912 CVE-2020-11911 CVE-2020-11910 CVE-2020-11909 CVE-2020-11908 CVE-2020-11907 CVE-2020-11906 CVE-2020-11904 CVE-2020-11903 CVE-2020-11902 CVE-2020-11901 CVE-2020-11900 CVE-2020-11899 CVE-2020-11898 CVE-2020-11897 CVE-2020-11896 |
| CWE-ID | CWE-125 CWE-20 CWE-284 CWE-200 CWE-170 CWE-130 CWE-190 CWE-415 |
| Exploitation vector | Network |
| Public exploit |
Vulnerability #16 is being exploited in the wild. Public exploit code for vulnerability #17 is available. Public exploit code for vulnerability #19 is available. |
| Vulnerable software |
PowerFlex rack Other software / Other software solutions |
| Vendor | Dell |
Security Bulletin
This security bulletin contains information about 19 vulnerabilities.
1) Out-of-bounds read
EUVDB-ID: #VU29098
Risk: Low
CVSSv4.0: 2.3 [CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-11905
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in DHCPv6 component. A remote attacker on the local network can send a specially crafted packet, trigger out-of-bounds read error and read contents of memory on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerFlex rack: before 3.3.8.2
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Input validation error
EUVDB-ID: #VU29114
Risk: Low
CVSSv4.0: 0.6 [CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-11914
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to insufficient validation of user-supplied input in ARP component. A remote attacker on the local network can send a specially crafted packet, trigger out-of-bounds read and read contents of memory on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerFlex rack: before 3.3.8.2
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Input validation error
EUVDB-ID: #VU29113
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-11913
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to insufficient validation of user-supplied input in IPv6 component. A remote attacker can send a specially crafted packet, trigger out-of-bounds read and read contents of memory on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerFlex rack: before 3.3.8.2
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Input validation error
EUVDB-ID: #VU29106
Risk: Low
CVSSv4.0: 0.6 [CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-11912
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in TCP component. A remote attacker on the local network can send a specially crafted packet, trigger out-of-bounds read and cause a denial of service condition on the target system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerFlex rack: before 3.3.8.2
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Improper access control
EUVDB-ID: #VU29104
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-11911
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions. A remote attacker can bypass implemented security restrictions and change one specific configuration value.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerFlex rack: before 3.3.8.2
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Input validation error
EUVDB-ID: #VU29103
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-11910
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to insufficient validation of user-supplied input in ICMPv4 component . A remote attacker can send a specially crafted packet, trigger out-of-bounds read and read contents of memory on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerFlex rack: before 3.3.8.2
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Information disclosure
EUVDB-ID: #VU29102
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-11909
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to improper input validation in IPv4 component. A remote attacker can send a specially crafted packet and gain unauthorized access to sensitive information on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerFlex rack: before 3.3.8.2
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Improper Null Termination
EUVDB-ID: #VU29101
Risk: Low
CVSSv4.0: 0.6 [CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-11908
CWE-ID:
CWE-170 - Improper Null Termination
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to improper null termination in DHCP component. A remote attacker on the local network can send a specially crafted packet and gain unauthorized access to sensitive information on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerFlex rack: before 3.3.8.2
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Improper Handling of Length Parameter Inconsistency
EUVDB-ID: #VU29100
Risk: Low
CVSSv4.0: 5.2 [CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-11907
CWE-ID:
CWE-130 - Improper Handling of Length Parameter Inconsistency
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the system.
The vulnerability exists due to improper handling of length parameter inconsistency in TCP component. A remote attacker on the local network can send a specially crafted packet and execute arbitrary code on the target system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerFlex rack: before 3.3.8.2
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Input validation error
EUVDB-ID: #VU29099
Risk: Low
CVSSv4.0: 5.2 [CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-11906
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to insufficient validation of user-supplied input in ethernet link layer component. A remote attacker on the local network can send a specially crafted packet and execute arbitrary code on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerFlex rack: before 3.3.8.2
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Integer overflow
EUVDB-ID: #VU29097
Risk: High
CVSSv4.0: 7.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2020-11904
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to integer overflow in memory allocation component. A remote attacker can send a specially crafted packet, trigger integer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerFlex rack: before 3.3.8.2
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Out-of-bounds read
EUVDB-ID: #VU29096
Risk: Low
CVSSv4.0: 2.3 [CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-11903
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in DHCP component. A remote attacker on the local network can send a specially crafted packet, trigger out-of-bounds read error and read contents of memory on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerFlex rack: before 3.3.8.2
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Input validation error
EUVDB-ID: #VU29095
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2020-11902
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information or perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in IPv6 over IPv4 tunneling component. A remote attacker can send a specially crafted packet to the application and trigger out-of-bounds read, leading to information disclosure or denial of service condition.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerFlex rack: before 3.3.8.2
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Input validation error
EUVDB-ID: #VU29094
Risk: High
CVSSv4.0: 7.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2020-11901
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the system.
The vulnerability exists due to insufficient validation of user-supplied input in DNS resolver component. A remote attacker can send a specially crafted packet and execute arbitrary code on the target system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerFlex rack: before 3.3.8.2
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Double Free
EUVDB-ID: #VU29093
Risk: High
CVSSv4.0: 6.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2020-11900
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in IPv4 tunneling component. A remote attacker can pass specially crafted packet to the application, trigger double free error and cause a denial of service condition on the target system.
Install update from vendor's website.
Vulnerable software versionsPowerFlex rack: before 3.3.8.2
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Input validation error
EUVDB-ID: #VU29092
Risk: Low
CVSSv4.0: 5.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:A/U:Clear]
CVE-ID: CVE-2020-11899
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in IPv6 component. A remote attacker on the local network can pass specially crafted packet, trigger out-of-bounds read and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerFlex rack: before 3.3.8.2
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
17) Improper Handling of Length Parameter Inconsistency
EUVDB-ID: #VU29091
Risk: Medium
CVSSv4.0: 7.8 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2020-11898
CWE-ID:
CWE-130 - Improper Handling of Length Parameter Inconsistency
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information or perform a denial of service (DoS) attack.
The vulnerability exists due to improper handling of length parameter inconsistency in Pv4/ICMPv4 component. A remote attacker can send a specially crafted packet and trigger out-of-bounds read, leading to information disclosure or denial of service condition.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerFlex rack: before 3.3.8.2
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
18) Improper Handling of Length Parameter Inconsistency
EUVDB-ID: #VU29090
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2020-11897
CWE-ID:
CWE-130 - Improper Handling of Length Parameter Inconsistency
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the system.
The vulnerability exists due to improper handling of length parameter inconsistency in IPv6 component. A remote attacker can send a specially crafted packet, leading to out-of-bounds write issue and execute arbitrary code on the target system.
Mitigation
Install update from vendor's website.
Vulnerable software versionsPowerFlex rack: before 3.3.8.2
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Improper Handling of Length Parameter Inconsistency
EUVDB-ID: #VU29089
Risk: High
CVSSv4.0: 8.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]
CVE-ID: CVE-2020-11896
CWE-ID:
CWE-130 - Improper Handling of Length Parameter Inconsistency
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the system.
The vulnerability exists due to improper handling of length parameter inconsistency in IPv4/UDP component. A remote attacker can send a specially crafted packet and execute arbitrary code on the target system.
MitigationInstall update from vendor's website.
Vulnerable software versionsPowerFlex rack: before 3.3.8.2
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
