SB2022111020 - Multiple vulnerabilities in Dell EMC Data Computing Appliance (DCA)
Published: November 10, 2022
Description
This security bulletin contains information about 9 security vulnerabilities.
1) Double-free memory error (CVE-ID: CVE-2018-10902)
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The vulnerability exists due to a double-free memory error in snd_rawmidi_input_params() and snd_rawmidi_output_status() in 'rawmidi.c'. A local attacker can gain elevated privileges and execute arbitrary code.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
2) Stack-based buffer overflow (CVE-ID: CVE-2018-12327)
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The vulnerability exists due to a stack-based buffer overflow in the Network Time Protocol Query (ntpq) program and the Network Time Protocol daemon (ntpd) when handling malicious input. A local attacker can submit a long string argument for an IPv4 or IPv6 command-line parameter, trigger memory corruption and execute arbitrary code with elevated privileges.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
3) OS command injection (CVE-ID: CVE-2018-16509)
The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.
The vulnerability exists because /invalidaccess checks can be bypassed after a restore failure. A remote unauthenticated attacker can trick the victim into opening a specially crafted PostScript file that submits malicious input and executes arbitrary shell commands.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
Note: the original fix for this vulnerability was incomplete in version 9.24. The vendor has issued another patch.
4) Security restrictions bypass (CVE-ID: CVE-2019-6133)
The vulnerability allows a remote attacker to bypass security restrictions on the target system.
The vulnerability exists because fork() is not atomic, and therefore authorization decisions are improperly cached, related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c. A remote unauthenticated attacker can bypass the "start time" protection mechanism.
5) Division by zero (CVE-ID: CVE-2018-11212)
The vulnerability allows a remote attacker to cause a DoS condition.
The weakness exists due to a division-by-zero error in the alloc_sarray() function of the jmemmgr.c file in the libjpeg library within libjpeg-turbo. A remote attacker can pass a specially crafted file to the affected application and cause the application to crash.
6) Information disclosure (CVE-ID: CVE-2019-2422)
The vulnerability allows a remote attacker to obtain potentially sensitive information.
The weakness exists due to an unspecified flaw in the Libraries component. A remote attacker can gain access to sensitive information on the system.
7) Information disclosure (CVE-ID: CVE-2019-2426)
The vulnerability allows a remote attacker to obtain potentially sensitive information.
The weakness exists due to an unspecified flaw in the Networking component. A remote attacker can read arbitrary data.
8) Denial of service (CVE-ID: CVE-2019-2449)
The vulnerability allows a remote attacker to cause a DoS condition.
The weakness exists due to an unspecified flaw in the Deployment component. A remote attacker can cause the service to crash.
9) Improper access control (CVE-ID: CVE-2019-2540)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Vulnerability in the Java Advanced Management Console component of Oracle Java SE (subcomponent: Server). The supported version that is affected is Java Advanced Management Console: 2.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java Advanced Management Console. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java Advanced Management Console, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java Advanced Management Console accessible data as well as unauthorized read access to a subset of Java Advanced Management Console accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).
Remediation
Install the update from the vendor's website.