Multiple vulnerabilities in Dell APEX Cloud Platform for Red Hat OpenShift and Dell APEX Cloud Platform Foundation Software



Published: 2024-08-01
Risk High
Patch available YES
Number of vulnerabilities 10
CVE-ID CVE-2023-39368
CVE-2023-38575
CVE-2023-22655
CVE-2023-32666
CVE-2024-0162
CVE-2024-0163
CVE-2024-0173
CVE-2024-0154
CVE-2023-29153
CVE-2024-21626
CWE-ID CWE-693
CWE-200
CWE-254
CWE-284
CWE-119
CWE-367
CWE-788
CWE-426
Exploitation vector Network
Public exploit Public exploit code for vulnerability #10 is available.
Vulnerable software
Subscribe
APEX Cloud Platform Foundation Software
Other software / Other software solutions

APEX Cloud Platform for Red Hat OpenShift
Other software / Other software solutions

Vendor Dell

Security Bulletin

This security bulletin contains information about 10 vulnerabilities.

1) Protection Mechanism Failure

EUVDB-ID: #VU87495

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-39368

CWE-ID: CWE-693 - Protection Mechanism Failure

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient implementation of security measures in the bus lock regulator mechanism. A remote attacker can trick the victim to open a specially crafted file and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

APEX Cloud Platform Foundation Software: before 03.00.04.01

APEX Cloud Platform for Red Hat OpenShift: before 4.13.39

CPE2.3
External links

http://www.dell.com/support/kbdoc/nl-nl/000225129/dsa-2024-204-security-update-for-dell-apex-cloud-platform-for-red-hat-openshift-and-dell-apex-cloud-platform-foundation-software-for-multiple-third-party-component-vulnerabilities


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Information disclosure

EUVDB-ID: #VU87490

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-38575

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to non-transparent sharing of return predictor targets between contexts in some Intel Processors. A local user can gain unauthorized access to sensitive information on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

APEX Cloud Platform Foundation Software: before 03.00.04.01

APEX Cloud Platform for Red Hat OpenShift: before 4.13.39

CPE2.3
External links

http://www.dell.com/support/kbdoc/nl-nl/000225129/dsa-2024-204-security-update-for-dell-apex-cloud-platform-for-red-hat-openshift-and-dell-apex-cloud-platform-foundation-software-for-multiple-third-party-component-vulnerabilities


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Security features bypass

EUVDB-ID: #VU87459

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-22655

CWE-ID: CWE-254 - Security Features

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a protection mechanism failure in some 3rd and 4th Generation Intel Xeon Processors when using Intel SGX or Intel TDX. A local user can execute arbitrary code with elevated privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

APEX Cloud Platform Foundation Software: before 03.00.04.01

APEX Cloud Platform for Red Hat OpenShift: before 4.13.39

CPE2.3
External links

http://www.dell.com/support/kbdoc/nl-nl/000225129/dsa-2024-204-security-update-for-dell-apex-cloud-platform-for-red-hat-openshift-and-dell-apex-cloud-platform-foundation-software-for-multiple-third-party-component-vulnerabilities


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Improper access control

EUVDB-ID: #VU87486

Risk: Low

CVSSv3.1: 6.9 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32666

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper access restrictions within the on-chip debug and test interface when using Intel SGX or Intel TDX. A local privileged user can bypass implemented security restrictions and escalate privileges on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

APEX Cloud Platform Foundation Software: before 03.00.04.01

APEX Cloud Platform for Red Hat OpenShift: before 4.13.39

CPE2.3
External links

http://www.dell.com/support/kbdoc/nl-nl/000225129/dsa-2024-204-security-update-for-dell-apex-cloud-platform-for-red-hat-openshift-and-dell-apex-cloud-platform-foundation-software-for-multiple-third-party-component-vulnerabilities


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Buffer overflow

EUVDB-ID: #VU95133

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-0162

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error. A local low privileged attacker could potentially exploit this vulnerability leading to out-of-bound read/writes to SMRAM.

Mitigation

Install update from vendor's website.

Vulnerable software versions

APEX Cloud Platform Foundation Software: before 03.00.04.01

APEX Cloud Platform for Red Hat OpenShift: before 4.13.39

CPE2.3
External links

http://www.dell.com/support/kbdoc/nl-nl/000225129/dsa-2024-204-security-update-for-dell-apex-cloud-platform-for-red-hat-openshift-and-dell-apex-cloud-platform-foundation-software-for-multiple-third-party-component-vulnerabilities


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Time-of-check Time-of-use (TOCTOU) Race Condition

EUVDB-ID: #VU95132

Risk: Low

CVSSv3.1: 4.6 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-0163

CWE-ID: CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition

Exploit availability: No

Description

The vulnerability allows a local user to gain access to gain access to otherwise unauthorized resources.

The vulnerability exists due to TOCTOU race condition. A local low privileged attacker could potentially exploit this vulnerability to gain access to otherwise unauthorized resources.

Mitigation

Install update from vendor's website.

Vulnerable software versions

APEX Cloud Platform Foundation Software: before 03.00.04.01

APEX Cloud Platform for Red Hat OpenShift: before 4.13.39

CPE2.3
External links

http://www.dell.com/support/kbdoc/nl-nl/000225129/dsa-2024-204-security-update-for-dell-apex-cloud-platform-for-red-hat-openshift-and-dell-apex-cloud-platform-foundation-software-for-multiple-third-party-component-vulnerabilities


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Access of Memory Location After End of Buffer

EUVDB-ID: #VU95136

Risk: Low

CVSSv3.1: 3.3 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-0173

CWE-ID: CWE-788 - Access of Memory Location After End of Buffer

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to improper parameter initialization. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory.

Mitigation

Install update from vendor's website.

Vulnerable software versions

APEX Cloud Platform Foundation Software: before 03.00.04.01

APEX Cloud Platform for Red Hat OpenShift: before 4.13.39

CPE2.3
External links

http://www.dell.com/support/kbdoc/nl-nl/000225129/dsa-2024-204-security-update-for-dell-apex-cloud-platform-for-red-hat-openshift-and-dell-apex-cloud-platform-foundation-software-for-multiple-third-party-component-vulnerabilities


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Access of Memory Location After End of Buffer

EUVDB-ID: #VU95135

Risk: Low

CVSSv3.1: 3.3 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-0154

CWE-ID: CWE-788 - Access of Memory Location After End of Buffer

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to improper parameter initialization. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory.

Mitigation

Install update from vendor's website.

Vulnerable software versions

APEX Cloud Platform Foundation Software: before 03.00.04.01

APEX Cloud Platform for Red Hat OpenShift: before 4.13.39

CPE2.3
External links

http://www.dell.com/support/kbdoc/nl-nl/000225129/dsa-2024-204-security-update-for-dell-apex-cloud-platform-for-red-hat-openshift-and-dell-apex-cloud-platform-foundation-software-for-multiple-third-party-component-vulnerabilities


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Untrusted search path

EUVDB-ID: #VU86957

Risk: Low

CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-29153

CWE-ID: CWE-426 - Untrusted Search Path

Exploit availability: No

Description

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to usage of an untrusted search path. A remote administrator can cause a denial of service condition on the target system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

APEX Cloud Platform Foundation Software: before 03.00.04.01

APEX Cloud Platform for Red Hat OpenShift: before 4.13.39

CPE2.3
External links

http://www.dell.com/support/kbdoc/nl-nl/000225129/dsa-2024-204-security-update-for-dell-apex-cloud-platform-for-red-hat-openshift-and-dell-apex-cloud-platform-foundation-software-for-multiple-third-party-component-vulnerabilities


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Security features bypass

EUVDB-ID: #VU85991

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H/E:F/RL:O/RC:C]

CVE-ID: CVE-2024-21626

CWE-ID: CWE-254 - Security Features

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to an internal file descriptor leak that can cause a newly-spawned container process (from runc exec) to have a working directory in the host filesystem namespace or a malicious image to allow a container process to gain access to the host filesystem through runc run. A remote attacker can trick the victim into loading a malicious image to bypass sandbox restrictions and execute arbitrary code on the host OS.

Mitigation

Install update from vendor's website.

Vulnerable software versions

APEX Cloud Platform Foundation Software: before 03.00.04.01

APEX Cloud Platform for Red Hat OpenShift: before 4.13.39

CPE2.3
External links

http://www.dell.com/support/kbdoc/nl-nl/000225129/dsa-2024-204-security-update-for-dell-apex-cloud-platform-for-red-hat-openshift-and-dell-apex-cloud-platform-foundation-software-for-multiple-third-party-component-vulnerabilities


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.



###SIDEBAR###