cnvd - cnvd-2016-08612

CNVD-2016-08612

Vulnerability from cnvd - Published: 2016-10-11

Title

EMC Replication Manager和EMC Networker Module for Microsoft远程代码执行漏洞

Description

EMC Replication Manager（RM）等都是美国易安信（EMC）公司的产品。RM是一套为EMC存储阵列中的数据复制产品提供了集成管理平台的软件；EMC Networker Module for Microsoft（NMM）是一套为Microsoft应用程序提供基于VSS的统一联机保护工具。 EMC RM和NMM中的客户端存在安全漏洞。远程RM服务器端的攻击者可通过放置特制的脚本在SMB共享文件中，利用该漏洞执行任意命令。

Severity

高

Patch Name

EMC Replication Manager和EMC Networker Module for Microsoft远程代码执行漏洞的补丁

Patch Description

Formal description

目前厂商已经发布了升级补丁以修复此安全问题，详情请关注厂商主页： http://www.emc.com/

Reference

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0913

Impacted products

Name
['EMC Replication Manager (RM) 5.5.2', 'EMC Replication Manager (RM) 5.5', 'EMC Replication Manager (RM) 5.4.4', 'EMC Replication Manager (RM) 5.4', 'EMC Replication Manager (RM) 5.1', 'EMC Replication Manager (RM) 5.0', 'EMC Networker Module for Microsoft 8.2', 'EMC Network Module for Microsoft 3.0']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "93348"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-0913"
    }
  },
  "description": "EMC Replication Manager\uff08RM\uff09\u7b49\u90fd\u662f\u7f8e\u56fd\u6613\u5b89\u4fe1\uff08EMC\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002RM\u662f\u4e00\u5957\u4e3aEMC\u5b58\u50a8\u9635\u5217\u4e2d\u7684\u6570\u636e\u590d\u5236\u4ea7\u54c1\u63d0\u4f9b\u4e86\u96c6\u6210\u7ba1\u7406\u5e73\u53f0\u7684\u8f6f\u4ef6\uff1bEMC Networker Module for Microsoft\uff08NMM\uff09\u662f\u4e00\u5957\u4e3aMicrosoft\u5e94\u7528\u7a0b\u5e8f\u63d0\u4f9b\u57fa\u4e8eVSS\u7684\u7edf\u4e00\u8054\u673a\u4fdd\u62a4\u5de5\u5177\u3002\r\n\r\nEMC RM\u548cNMM\u4e2d\u7684\u5ba2\u6237\u7aef\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0bRM\u670d\u52a1\u5668\u7aef\u7684\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u653e\u7f6e\u7279\u5236\u7684\u811a\u672c\u5728SMB\u5171\u4eab\u6587\u4ef6\u4e2d\uff0c\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u547d\u4ee4\u3002",
  "discovererName": "Felix Wilhelm, ERNW Research",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\uff1a\r\nhttp://www.emc.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-08612",
  "openTime": "2016-10-11",
  "patchDescription": "EMC Replication Manager\uff08RM\uff09\u7b49\u90fd\u662f\u7f8e\u56fd\u6613\u5b89\u4fe1\uff08EMC\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002RM\u662f\u4e00\u5957\u4e3aEMC\u5b58\u50a8\u9635\u5217\u4e2d\u7684\u6570\u636e\u590d\u5236\u4ea7\u54c1\u63d0\u4f9b\u4e86\u96c6\u6210\u7ba1\u7406\u5e73\u53f0\u7684\u8f6f\u4ef6\uff1bEMC Networker Module for Microsoft\uff08NMM\uff09\u662f\u4e00\u5957\u4e3aMicrosoft\u5e94\u7528\u7a0b\u5e8f\u63d0\u4f9b\u57fa\u4e8eVSS\u7684\u7edf\u4e00\u8054\u673a\u4fdd\u62a4\u5de5\u5177\u3002\r\n\r\nEMC RM\u548cNMM\u4e2d\u7684\u5ba2\u6237\u7aef\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0bRM\u670d\u52a1\u5668\u7aef\u7684\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u653e\u7f6e\u7279\u5236\u7684\u811a\u672c\u5728SMB\u5171\u4eab\u6587\u4ef6\u4e2d\uff0c\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u547d\u4ee4\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "EMC Replication Manager\u548cEMC Networker Module for Microsoft\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "EMC Replication Manager (RM) 5.5.2",
      "EMC Replication Manager (RM) 5.5",
      "EMC Replication Manager (RM)  5.4.4",
      "EMC Replication Manager (RM)  5.4",
      "EMC Replication Manager (RM)  5.1",
      "EMC Replication Manager (RM)  5.0",
      "EMC Networker Module for Microsoft 8.2",
      "EMC Network Module for Microsoft 3.0"
    ]
  },
  "referenceLink": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0913",
  "serverity": "\u9ad8",
  "submitTime": "2016-10-11",
  "title": "EMC Replication Manager\u548cEMC Networker Module for Microsoft\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

CVE-2016-0913 (GCVE-0-2016-0913)

Vulnerability from cvelistv5 – Published: 2016-10-05 01:00 – Updated: 2024-08-05 22:38

Summary

The client in EMC Replication Manager (RM) before 5.5.3.0_01-PatchHotfix, EMC Network Module for Microsoft 3.x, and EMC Networker Module for Microsoft 8.2.x before 8.2.3.6 allows remote RM servers to execute arbitrary commands by placing a crafted script in an SMB share.

Severity ?

No CVSS data available.

CWE

Assigner

dell

References

URL

Tags

	http://www.securitytracker.com/id/1036940	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/93348	vdb-entryx_refsource_BID
	http://seclists.org/bugtraq/2016/Oct/6	mailing-listx_refsource_BUGTRAQ

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T22:38:41.015Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1036940",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036940"
          },
          {
            "name": "93348",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93348"
          },
          {
            "name": "20161004 ESA-2016-063: EMC Replication Manager and Network Module for Microsoft Remote Code Execution Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://seclists.org/bugtraq/2016/Oct/6"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-10-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The client in EMC Replication Manager (RM) before 5.5.3.0_01-PatchHotfix, EMC Network Module for Microsoft 3.x, and EMC Networker Module for Microsoft 8.2.x before 8.2.3.6 allows remote RM servers to execute arbitrary commands by placing a crafted script in an SMB share."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-29T09:57:01",
        "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "shortName": "dell"
      },
      "references": [
        {
          "name": "1036940",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1036940"
        },
        {
          "name": "93348",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93348"
        },
        {
          "name": "20161004 ESA-2016-063: EMC Replication Manager and Network Module for Microsoft Remote Code Execution Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://seclists.org/bugtraq/2016/Oct/6"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security_alert@emc.com",
          "ID": "CVE-2016-0913",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The client in EMC Replication Manager (RM) before 5.5.3.0_01-PatchHotfix, EMC Network Module for Microsoft 3.x, and EMC Networker Module for Microsoft 8.2.x before 8.2.3.6 allows remote RM servers to execute arbitrary commands by placing a crafted script in an SMB share."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1036940",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1036940"
            },
            {
              "name": "93348",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93348"
            },
            {
              "name": "20161004 ESA-2016-063: EMC Replication Manager and Network Module for Microsoft Remote Code Execution Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://seclists.org/bugtraq/2016/Oct/6"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
    "assignerShortName": "dell",
    "cveId": "CVE-2016-0913",
    "datePublished": "2016-10-05T01:00:00",
    "dateReserved": "2015-12-17T00:00:00",
    "dateUpdated": "2024-08-05T22:38:41.015Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2016-08612

CVE-2016-0913 (GCVE-0-2016-0913)

Tags

Sightings

Nomenclature