FKIE_CVE-2019-3736

Vulnerability from fkie_nvd - Published: 2019-09-27 21:15 - Updated: 2024-11-21 04:42
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a password storage vulnerability in the ACM component. A remote authenticated malicious user with root privileges may potentially use a support tool to decrypt encrypted passwords stored locally on the system to use it to access other components using the privileges of the compromised user.
References
security_alert@emc.comhttps://www.dell.com/support/security/en-us/details/536363/DSA-2019-112-Dell-EMC-Integrated-Data-Protection-Appliance-Multiple-VulnerabilitiesVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.dell.com/support/security/en-us/details/536363/DSA-2019-112-Dell-EMC-Integrated-Data-Protection-Appliance-Multiple-VulnerabilitiesVendor Advisory
Impacted products
Vendor Product Version
dell emc_integrated_data_protection_appliance_firmware 2.0
dell emc_integrated_data_protection_appliance_firmware 2.1
dell emc_integrated_data_protection_appliance_firmware 2.2
dell emc_idpa_dp4400 -
dell emc_idpa_dp5800 -
dell emc_idpa_dp8300 -
dell emc_idpa_dp8800 -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:dell:emc_integrated_data_protection_appliance_firmware:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C133A08-973B-43E2-8E0C-9B7AEF467BDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:dell:emc_integrated_data_protection_appliance_firmware:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "889D0DDB-7D31-4AE9-972A-AE14CC2A82BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:dell:emc_integrated_data_protection_appliance_firmware:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "970D60B9-9DAD-4F1D-BFBE-BB069756011C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:dell:emc_idpa_dp4400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "70B89DD8-CEE9-4C3D-828D-71139D55A7C5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:dell:emc_idpa_dp5800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FEEA32E-07CD-45F0-AB1E-235764A8A094",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:dell:emc_idpa_dp8300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C8B35A8-80BF-443E-992B-6F5B03A9928C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:dell:emc_idpa_dp8800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E98F97BD-57F5-4F2E-9573-863503A5B911",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a password storage vulnerability in the ACM component. A remote authenticated malicious user with root privileges may potentially use a support tool to decrypt encrypted passwords stored locally on the system to use it to access other components using the privileges of the compromised user."
    },
    {
      "lang": "es",
      "value": "Dell EMC Integrated Data Protection Appliance versiones anteriores a 2.3, contienen una vulnerabilidad de almacenamiento de contrase\u00f1a en el componente ACM. Un usuario malicioso autenticado remoto con privilegios de root puede utilizar una herramienta de soporte para descifrar contrase\u00f1as cifradas almacenadas localmente en el sistema para usarlas al acceder a otros componentes usando los privilegios del usuario comprometido."
    }
  ],
  "id": "CVE-2019-3736",
  "lastModified": "2024-11-21T04:42:26.043",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 4.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 8.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.5,
        "impactScore": 6.0,
        "source": "security_alert@emc.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-09-27T21:15:10.080",
  "references": [
    {
      "source": "security_alert@emc.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.dell.com/support/security/en-us/details/536363/DSA-2019-112-Dell-EMC-Integrated-Data-Protection-Appliance-Multiple-Vulnerabilities"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.dell.com/support/security/en-us/details/536363/DSA-2019-112-Dell-EMC-Integrated-Data-Protection-Appliance-Multiple-Vulnerabilities"
    }
  ],
  "sourceIdentifier": "security_alert@emc.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-257"
        }
      ],
      "source": "security_alert@emc.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-327"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.