cnvd - cnvd-2018-09576

CNVD-2018-09576

Vulnerability from cnvd - Published: 2018-05-16

Title

Dell EMC Avamar and Integrated Data Protection Appliance Installation Manager不正确访问控制漏洞

Description

Dell EMC Avamar Server和EMC Integrated Data Protection Appliance都是美国戴尔（Dell）公司的产品。Dell EMC Avamar Server是一套用于服务器的完全虚拟化的备份和恢复软件。EMC Integrated Data Protection Appliance是一套基于磁盘的备份和恢复解决方案。Avamar Installation Manager是其中的一个Avamar安装管理器。 Dell EMC Avamar Server和EMC Integrated Data Protection Appliance中的Avamar Installation Manager存在安全漏洞。远程攻击者可利用该漏洞读取或更改Local Download Service (LDLS)凭证，或使用该凭证登录Dell EMC Online Support。

Severity

中

Patch Name

Dell EMC Avamar and Integrated Data Protection Appliance Installation Manager不正确访问控制漏洞的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，详情请关注厂商主页： https://www.dellemc.com

Reference

https://www.exploit-db.com/exploits/44441/

Impacted products

Name
['Dell EMC Avamar Server 7.3.1', 'Dell EMC Avamar Server 7.4.1', 'Dell EMC Avamar Server 7.5.0', 'Dell EMC Integrated Data Protection Appliance 2.0', 'Dell EMC Integrated Data Protection Appliance 2.1']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-1217",
      "cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1217"
    }
  },
  "description": "Dell EMC Avamar Server\u548cEMC Integrated Data Protection Appliance\u90fd\u662f\u7f8e\u56fd\u6234\u5c14\uff08Dell\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Dell EMC Avamar Server\u662f\u4e00\u5957\u7528\u4e8e\u670d\u52a1\u5668\u7684\u5b8c\u5168\u865a\u62df\u5316\u7684\u5907\u4efd\u548c\u6062\u590d\u8f6f\u4ef6\u3002EMC Integrated Data Protection Appliance\u662f\u4e00\u5957\u57fa\u4e8e\u78c1\u76d8\u7684\u5907\u4efd\u548c\u6062\u590d\u89e3\u51b3\u65b9\u6848\u3002Avamar Installation Manager\u662f\u5176\u4e2d\u7684\u4e00\u4e2aAvamar\u5b89\u88c5\u7ba1\u7406\u5668\u3002\r\n\r\nDell EMC Avamar Server\u548cEMC Integrated Data Protection Appliance\u4e2d\u7684Avamar Installation Manager\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u8bfb\u53d6\u6216\u66f4\u6539Local Download Service (LDLS)\u51ed\u8bc1\uff0c\u6216\u4f7f\u7528\u8be5\u51ed\u8bc1\u767b\u5f55Dell EMC Online Support\u3002",
  "discovererName": "SlidingWindow",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\uff1a\r\nhttps://www.dellemc.com",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-09576",
  "openTime": "2018-05-16",
  "patchDescription": "Dell EMC Avamar Server\u548cEMC Integrated Data Protection Appliance\u90fd\u662f\u7f8e\u56fd\u6234\u5c14\uff08Dell\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Dell EMC Avamar Server\u662f\u4e00\u5957\u7528\u4e8e\u670d\u52a1\u5668\u7684\u5b8c\u5168\u865a\u62df\u5316\u7684\u5907\u4efd\u548c\u6062\u590d\u8f6f\u4ef6\u3002EMC Integrated Data Protection Appliance\u662f\u4e00\u5957\u57fa\u4e8e\u78c1\u76d8\u7684\u5907\u4efd\u548c\u6062\u590d\u89e3\u51b3\u65b9\u6848\u3002Avamar Installation Manager\u662f\u5176\u4e2d\u7684\u4e00\u4e2aAvamar\u5b89\u88c5\u7ba1\u7406\u5668\u3002\r\n\r\nDell EMC Avamar Server\u548cEMC Integrated Data Protection Appliance\u4e2d\u7684Avamar Installation Manager\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u8bfb\u53d6\u6216\u66f4\u6539Local Download Service (LDLS)\u51ed\u8bc1\uff0c\u6216\u4f7f\u7528\u8be5\u51ed\u8bc1\u767b\u5f55Dell EMC Online Support\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Dell EMC Avamar and Integrated Data Protection Appliance Installation Manager\u4e0d\u6b63\u786e\u8bbf\u95ee\u63a7\u5236\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Dell EMC Avamar Server 7.3.1",
      "Dell EMC Avamar Server 7.4.1",
      "Dell EMC Avamar Server 7.5.0",
      "Dell EMC Integrated Data Protection Appliance 2.0",
      "Dell EMC Integrated Data Protection Appliance 2.1"
    ]
  },
  "referenceLink": "https://www.exploit-db.com/exploits/44441/",
  "serverity": "\u4e2d",
  "submitTime": "2018-04-11",
  "title": "Dell EMC Avamar and Integrated Data Protection Appliance Installation Manager\u4e0d\u6b63\u786e\u8bbf\u95ee\u63a7\u5236\u6f0f\u6d1e"
}

CVE-2018-1217 (GCVE-0-2018-1217)

Vulnerability from cvelistv5 – Published: 2018-04-09 20:00 – Updated: 2024-09-16 19:47

Summary

Avamar Installation Manager in Dell EMC Avamar Server 7.3.1, 7.4.1, and 7.5.0, and Dell EMC Integrated Data Protection Appliance 2.0 and 2.1, is affected by a missing access control check vulnerability which could potentially allow a remote unauthenticated attacker to read or change the Local Download Service (LDLS) credentials. The LDLS credentials are used to connect to Dell EMC Online Support. If the LDLS configuration was changed to an invalid configuration, then Avamar Installation Manager may not be able to connect to Dell EMC Online Support web site successfully. The remote unauthenticated attacker can also read and use the credentials to login to Dell EMC Online Support, impersonating the AVI service actions using those credentials.

Severity ?

No CVSS data available.

CWE

Missing Access Control Vulnerability

Assigner

dell

References

URL

Tags

	https://www.exploit-db.com/exploits/44441/	exploitx_refsource_EXPLOIT-DB
	http://www.securitytracker.com/id/1040641	vdb-entryx_refsource_SECTRACK
	http://seclists.org/fulldisclosure/2018/Apr/14	mailing-listx_refsource_FULLDISC

Impacted products

	Vendor	Product	Version
	Dell EMC	Avamar, Integrated Data Protection Appliance	Affected: Avamar Server versions 7.3.1, 7.4.1, 7.5.0 Affected: Integrated Data Protection Appliance Versions 2.0, 2.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:51:49.069Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "44441",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/44441/"
          },
          {
            "name": "1040641",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1040641"
          },
          {
            "name": "20180405 DSA-2018-025: Dell EMC Avamar and Integrated Data Protection Appliance Installation Manager Missing Access Control Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2018/Apr/14"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Avamar, Integrated Data Protection Appliance",
          "vendor": "Dell EMC",
          "versions": [
            {
              "status": "affected",
              "version": "Avamar Server versions 7.3.1, 7.4.1, 7.5.0"
            },
            {
              "status": "affected",
              "version": "Integrated Data Protection Appliance Versions 2.0, 2.1"
            }
          ]
        }
      ],
      "datePublic": "2018-04-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Avamar Installation Manager in Dell EMC Avamar Server 7.3.1, 7.4.1, and 7.5.0, and Dell EMC Integrated Data Protection Appliance 2.0 and 2.1, is affected by a missing access control check vulnerability which could potentially allow a remote unauthenticated attacker to read or change the Local Download Service (LDLS) credentials. The LDLS credentials are used to connect to Dell EMC Online Support. If the LDLS configuration was changed to an invalid configuration, then Avamar Installation Manager may not be able to connect to Dell EMC Online Support web site successfully. The remote unauthenticated attacker can also read and use the credentials to login to Dell EMC Online Support, impersonating the AVI service actions using those credentials."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Missing Access Control Vulnerability",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-04-12T09:57:02",
        "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "shortName": "dell"
      },
      "references": [
        {
          "name": "44441",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/44441/"
        },
        {
          "name": "1040641",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1040641"
        },
        {
          "name": "20180405 DSA-2018-025: Dell EMC Avamar and Integrated Data Protection Appliance Installation Manager Missing Access Control Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2018/Apr/14"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security_alert@emc.com",
          "DATE_PUBLIC": "2018-04-05T00:00:00",
          "ID": "CVE-2018-1217",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Avamar, Integrated Data Protection Appliance",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Avamar Server versions 7.3.1, 7.4.1, 7.5.0"
                          },
                          {
                            "version_value": "Integrated Data Protection Appliance Versions 2.0, 2.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Dell EMC"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Avamar Installation Manager in Dell EMC Avamar Server 7.3.1, 7.4.1, and 7.5.0, and Dell EMC Integrated Data Protection Appliance 2.0 and 2.1, is affected by a missing access control check vulnerability which could potentially allow a remote unauthenticated attacker to read or change the Local Download Service (LDLS) credentials. The LDLS credentials are used to connect to Dell EMC Online Support. If the LDLS configuration was changed to an invalid configuration, then Avamar Installation Manager may not be able to connect to Dell EMC Online Support web site successfully. The remote unauthenticated attacker can also read and use the credentials to login to Dell EMC Online Support, impersonating the AVI service actions using those credentials."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Missing Access Control Vulnerability"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "44441",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/44441/"
            },
            {
              "name": "1040641",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1040641"
            },
            {
              "name": "20180405 DSA-2018-025: Dell EMC Avamar and Integrated Data Protection Appliance Installation Manager Missing Access Control Vulnerability",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2018/Apr/14"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
    "assignerShortName": "dell",
    "cveId": "CVE-2018-1217",
    "datePublished": "2018-04-09T20:00:00Z",
    "dateReserved": "2017-12-06T00:00:00",
    "dateUpdated": "2024-09-16T19:47:17.864Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2018-09576

CVE-2018-1217 (GCVE-0-2018-1217)

Tags

Sightings

Nomenclature