SB2023081529 - Multiple vulnerabilities in Dell PowerScale OneFS
Published: August 15, 2023
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 49 secuirty vulnerabilities.
1) SQL injection (CVE-ID: CVE-2021-36299)
The vulnerability allows a remote user to execute arbitrary SQL queries in database.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote user can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.
Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.
2) Buffer overflow (CVE-ID: CVE-2022-34417)
The vulnerability allows a local privileged user to execute arbitrary code on the target system.
The vulnerability exists due to Improper SMM communication buffer verification. A local privileged user can send a specially crafted data, trigger memory corruption and execute arbitrary code on the target system.
3) Buffer overflow (CVE-ID: CVE-2022-34418)
The vulnerability allows a local privileged user to execute arbitrary code on the target system.
The vulnerability exists due to Improper SMM communication buffer verification. A local privileged user can send a specially crafted data, trigger memory corruption and execute arbitrary code on the target system.
4) Buffer overflow (CVE-ID: CVE-2022-34419)
The vulnerability allows a local privileged user to execute arbitrary code on the target system.
The vulnerability exists due to Improper SMM communication buffer verification. A local privileged user can send a specially crafted data, trigger memory corruption and execute arbitrary code on the target system.
5) Buffer overflow (CVE-ID: CVE-2022-34420)
The vulnerability allows a local privileged user to execute arbitrary code on the target system.
The vulnerability exists due to Improper SMM communication buffer verification. A local privileged user can send a specially crafted data, trigger memory corruption and execute arbitrary code on the target system.
6) Buffer overflow (CVE-ID: CVE-2022-34421)
The vulnerability allows a local privileged user to execute arbitrary code on the target system.
The vulnerability exists due to Improper SMM communication buffer verification. A local privileged user can send a specially crafted data, trigger memory corruption and execute arbitrary code on the target system.
7) Buffer overflow (CVE-ID: CVE-2022-34422)
The vulnerability allows a local privileged user to execute arbitrary code on the target system.
The vulnerability exists due to Improper SMM communication buffer verification. A local privileged user can send a specially crafted data, trigger memory corruption and execute arbitrary code on the target system.
8) Buffer overflow (CVE-ID: CVE-2022-34423)
The vulnerability allows a local privileged user to execute arbitrary code on the target system.
The vulnerability exists due to Improper SMM communication buffer verification. A local privileged user can send a specially crafted data, trigger memory corruption and execute arbitrary code on the target system.
9) Buffer overflow (CVE-ID: CVE-2022-44640)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in ASN.1 codec in Heimdal. The ASN.1 compiler generates code that allows specially crafted DER encodings of CHOICEs to invoke the wrong free function on the decoded structure upon decode error. This is known to impact the Heimdal KDC, leading to an invalid free() of an address partly or wholly under the control of the attacker. A remote attacker can execute arbitrary code on the system.
10) Infinite loop (CVE-ID: CVE-2022-0778)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the BN_mod_sqrt() function when processing an ASN.1 certificate that contains elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. A remote attacker can supply a specially crafted certificate to the TLS server or client, consume all available system resources and cause denial of service conditions.
11) Out-of-bounds write (CVE-ID: CVE-2021-20235)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error in src/decoder_allocators.hpp. A remote attacker can send a specially crafted request to the zeromq server and trigger a buffer overflow write of arbitrary data if CURVE/ZAP authentication is not enabled.
12) Cross-site scripting (CVE-ID: CVE-2021-21581)
The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
13) Buffer overflow (CVE-ID: CVE-2022-34415)
The vulnerability allows a local privileged user to execute arbitrary code on the target system.
The vulnerability exists due to Improper SMM communication buffer verification. A local privileged user can send a specially crafted data, trigger memory corruption and execute arbitrary code on the target system.
14) Improper Neutralization of Special Elements in Output Used by a Downstream Component (CVE-ID: CVE-2021-21580)
The vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to a Content spoofing / Text injection. A remote attacker can inject text to present a customized message on the application and phish users into believing that the message is legitimate.
15) Open redirect (CVE-ID: CVE-2021-21579)
The vulnerability allows a remote attacker to redirect victims to arbitrary URL.
The vulnerability exists due to improper sanitization of user-supplied data. A remote attacker can create a link that leads to a trusted website, however, when clicked, redirects the victim to arbitrary domain.
Successful exploitation of this vulnerability may allow a remote attacker to perform a phishing attack and steal potentially sensitive information.
16) Open redirect (CVE-ID: CVE-2021-21578)
The vulnerability allows a remote attacker to redirect victims to arbitrary URL.
The vulnerability exists due to improper sanitization of user-supplied data. A remote attacker can create a link that leads to a trusted website, however, when clicked, redirects the victim to arbitrary domain.
Successful exploitation of this vulnerability may allow a remote attacker to perform a phishing attack and steal potentially sensitive information.
17) Cross-site scripting (CVE-ID: CVE-2021-21577)
The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
18) Cross-site scripting (CVE-ID: CVE-2021-21576)
The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
19) Out-of-bounds write (CVE-ID: CVE-2021-36301)
The vulnerability allows a remote privileged user to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input. A remote privileged user can create a specially crafted file, trick the victim into opening it using the affected software, trigger an out-of-bounds write and execute arbitrary code on the target system.
20) Input validation error (CVE-ID: CVE-2021-36300)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack or cause information disclosure.
21) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2022-34435)
The vulnerability allows a remote user to compromise the affected system.
The vulnerability exists due to insufficient validation of user-supplied input in Racadm when the firmware lock-down configuration is set. A remote privileged user can bypass the firmware lock-down configuration and perform a firmware update.
22) Out-of-bounds read (CVE-ID: CVE-2021-3712)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition when processing ASN.1 strings related to a confusion with NULL termination of strings in array. A remote attacker can pass specially crafted data to the application to trigger an out-of-bounds read error and read contents of memory on the system or perform a denial of service (DoS) attack.
23) Improper Neutralization of Special Elements in Output Used by a Downstream Component (CVE-ID: CVE-2021-36348)
The vulnerability allows a remote user to gain access to sensitive information or perform a denial of service attack.
The vulnerability exists due to an unspecified error in iDRAC9. A remote usee can exploit this vulnerability to gain access to sensitive information or perform a denial of service attack.
24) Stack-based buffer overflow (CVE-ID: CVE-2021-36347)
The vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. An authenticated remote user with high privileges can exploit this vulnerability to control process execution and gain access to the iDRAC operating system.
25) Buffer overflow (CVE-ID: CVE-2022-34416)
The vulnerability allows a local privileged user to execute arbitrary code on the target system.
The vulnerability exists due to Improper SMM communication buffer verification. A local privileged user can send a specially crafted data, trigger memory corruption and execute arbitrary code on the target system.
26) Buffer overflow (CVE-ID: CVE-2022-34414)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing Microsoft Office files. A remote attacker can create a specially crafted Office document, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
27) Unintended proxy or intermediary (CVE-ID: CVE-2021-33103)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to presence of an unintended proxy in the BIOS authenticated code module. A local user can execute arbitrary code with elevated privileges.
28) Improper access control (CVE-ID: CVE-2022-26343)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improper access restrictions in the BIOS firmware. A local privileged user can execute arbitrary code with elevated privileges.
29) Improper Initialization (CVE-ID: CVE-2022-32231)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improper initialization in the BIOS firmware. A local user can run a specially crafted application to execute arbitrary code with escalated privileges on the system.
30) Input validation error (CVE-ID: CVE-2021-0154)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to insufficient validation of user-supplied input in the BIOS firmware. A local user can escalate privileges on the system.
31) Out-of-bounds write (CVE-ID: CVE-2021-0153)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in the BIOS firmware. A local user can run a specially crafted program to trigger an out-of-bounds write and execute arbitrary code with elevated privileges.
32) Improper access control (CVE-ID: CVE-2021-33123)
The vulnerability allows a local user to escalate privileges on the system
The vulnerability exists due to improper access restrictions in the BIOS authenticated code module. A local user can obtain elevated privileges on the system.
33) Uncaught Exception (CVE-ID: CVE-2021-0190)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to uncaught exception in the BIOS firmware. A local user can run a specially crafted program to execute arbitrary code with elevated privileges.
34) Insufficient Control Flow Management (CVE-ID: CVE-2021-33122)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to insufficient control flow management in the BIOS firmware. A local user can run a specially crafted program to execute arbitrary code with elevated privileges.
35) Use of Out-of-range Pointer Offset (CVE-ID: CVE-2021-0189)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to use of out-of-range pointer offset in the BIOS firmware. A local user can execute arbitrary code with elevated privileges.
36) Out-of-bounds write (CVE-ID: CVE-2021-33124)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in the BIOS authenticated code module. A local user can run a specially crafted program to trigger an out-of-bounds write error and execute arbitrary code with elevated privileges.
37) Input validation error (CVE-ID: CVE-2021-0159)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to insufficient validation of user-supplied input in the BIOS authenticated code module. A local user can pass specially crafted data to the affected module and execute arbitrary code on the system with elevated privileges.
38) Buffer overflow (CVE-ID: CVE-2022-34413)
The vulnerability allows a local privileged user to execute arbitrary code on the target system.
The vulnerability exists due to Improper SMM communication buffer verification. A local privileged user can send a specially crafted data, trigger memory corruption and execute arbitrary code on the target system.
39) Return of pointer value outside of expected range (CVE-ID: CVE-2021-0188)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to a boundary error in the BIOS firmware. A local user can force the firmware to return pointer value outside of expected range and gain access to potentially sensitive information.
40) Unchecked Return Value (CVE-ID: CVE-2021-0155)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to unchecked return value in the BIOS firmware. A local user can gain access to potentially sensitive information.
41) Buffer overflow (CVE-ID: CVE-2022-34377)
The vulnerability allows a local privileged user to execute arbitrary code on the target system.
The vulnerability exists due to Improper SMM communication buffer verification. A local privileged user can send a specially crafted data, trigger memory corruption and execute arbitrary code on the target system.
42) Buffer overflow (CVE-ID: CVE-2022-34376)
The vulnerability allows a local privileged user to execute arbitrary code on the target system.
The vulnerability exists due to Improper SMM communication buffer verification. A local privileged user can send a specially crafted data, trigger memory corruption and execute arbitrary code on the target system.
43) Buffer overflow (CVE-ID: CVE-2022-34406)
The vulnerability allows a local privileged user to execute arbitrary code on the target system.
The vulnerability exists due to Improper SMM communication buffer verification. A local privileged user can send a specially crafted data, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
44) Buffer overflow (CVE-ID: CVE-2022-34407)
The vulnerability allows a local privileged user to execute arbitrary code on the target system.
The vulnerability exists due to Improper SMM communication buffer verification. A local privileged user can send a specially crafted data, trigger memory corruption and execute arbitrary code on the target system.
45) Buffer overflow (CVE-ID: CVE-2022-34408)
The vulnerability allows a local privileged user to execute arbitrary code on the target system.
The vulnerability exists due to Improper SMM communication buffer verification. A local privileged user can send a specially crafted data, trigger memory corruption and execute arbitrary code on the target system.
46) Buffer overflow (CVE-ID: CVE-2022-34409)
The vulnerability allows a local privileged user to execute arbitrary code on the target system.
The vulnerability exists due to Improper SMM communication buffer verification. A local privileged user can send a specially crafted data, trigger memory corruption and execute arbitrary code on the target system.
47) Buffer overflow (CVE-ID: CVE-2022-34410)
The vulnerability allows a local privileged user to execute arbitrary code on the target system.
The vulnerability exists due to Improper SMM communication buffer verification. A local privileged user can send a specially crafted data, trigger memory corruption and execute arbitrary code on the target system.
48) Buffer overflow (CVE-ID: CVE-2022-34411)
The vulnerability allows a local privileged user to execute arbitrary code on the target system.
The vulnerability exists due to Improper SMM communication buffer verification. A local privileged user can send a specially crafted data, trigger memory corruption and execute arbitrary code on the target system.
49) Buffer overflow (CVE-ID: CVE-2022-34412)
The vulnerability allows a local privileged user to execute arbitrary code on the target system.
The vulnerability exists due to Improper SMM communication buffer verification. A local privileged user can send a specially crafted data, trigger memory corruption and execute arbitrary code on the target system.
Remediation
Install update from vendor's website.