
EMC VMAX Virtual Appliance (vApp) Authentication Bypass

Posted Oct 31, 2017
Authored by rgod | Site emc.com

The vApp Manager which is embedded in EMC Unisphere for VMAX, Solutions Enabler, VASA Virtual Appliances, and EMC VMAX Embedded Management (eManagement) contains an authentication bypass vulnerability that may potentially be exploited by malicious users to compromise the affected system. Affected products include EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.15, EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.15, EMC VASA Virtual Appliance versions prior to 8.4.0.512, and EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4 (Enginuity Release 5977.1125.1125 and earlier).

tags | advisory, bypass
advisories | CVE-2017-14375
SHA-256 | f18d4b791aa5ab38928fc5023efe3fe370686f782ff9192339e3ecd5d208f81a

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

ESA-2017-137: EMC VMAX Virtual Appliance (vApp) Authentication Bypass Vulnerability

EMC Identifier: ESA-2017-137
CVE Identifier: CVE-2017-14375
Severity Rating: CVSSv3 Base Score: 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

Affected products:
*EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.15

*EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.15

*EMC VASA Virtual Appliance versions prior to 8.4.0.512

*EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4 (Enginuity Release 5977.1125.1125 and earlier)


Summary:
The vApp Manager which is embedded in EMC Unisphere for VMAX, Solutions Enabler, VASA Virtual Appliances, and EMC VMAX Embedded Management (eManagement) contains an authentication bypass vulnerability that may potentially be exploited by malicious users to compromise the affected system.

Details:
The vApp Manager contains a servlet that does not perform proper authentication checks before processing AMF messages for user creation requests. A remote unauthenticated attacker, by having knowledge of the message format, may potentially create new user accounts with administrative privileges, and then log in to the affected application.
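The defensive pattern the advisory points at is an authentication gate that runs before any AMF request body is decoded or dispatched to a privileged handler. The following servlet filter is an added illustration written for this page; it is not EMC's code, and the class name, the URL pattern "/amf/*", and the session attribute "role" are assumptions, since the advisory does not disclose the vApp Manager's real servlet or path names. It uses the standard javax.servlet API.

```java
// Added example, not code from the vApp Manager. Names marked "assumed" are placeholders.
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/**
 * Rejects every request to the AMF endpoint (mapped in web.xml to "/amf/*",
 * an assumed path) unless it carries an already-authenticated session with
 * the administrator role. The check happens before the request body is read,
 * so an unauthenticated caller never reaches the user-creation handler, no
 * matter how well they know the message format.
 */
public class AmfAuthFilter implements Filter {

    // Session attribute written by the login servlet at successful login (assumed name).
    static final String ROLE_ATTR = "role";
    static final String ADMIN_ROLE = "admin";

    @Override
    public void init(FilterConfig cfg) {}

    @Override
    public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest http = (HttpServletRequest) req;
        HttpServletResponse out = (HttpServletResponse) resp;

        // getSession(false) never creates a session: an unauthenticated caller gets null.
        HttpSession session = http.getSession(false);
        if (!isAdminSession(session)) {
            // Log the rejection; repeated entries from one source are the detection signal.
            System.err.printf("amf-auth: denied %s %s from %s%n",
                    http.getMethod(), http.getRequestURI(), http.getRemoteAddr());
            out.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return; // the AMF message is never decoded or dispatched
        }
        chain.doFilter(req, resp);
    }

    /** Shared by the filter and the handler so the handler can re-check (defense in depth). */
    static boolean isAdminSession(HttpSession session) {
        return session != null && ADMIN_ROLE.equals(session.getAttribute(ROLE_ATTR));
    }

    @Override
    public void destroy() {}
}

/**
 * Sketch of the privileged handler side. The vulnerable shape is a handler that
 * trusts the decoded "createUser" message on its own; the hardened shape re-checks
 * the caller's session even though the filter already did, so a mis-mapped filter
 * cannot silently reopen the hole.
 */
class UserCreationHandler {
    void createUser(HttpSession session, String newUser, String newRole) {
        if (!AmfAuthFilter.isAdminSession(session)) {
            throw new SecurityException("createUser requires an authenticated administrator");
        }
        // ... persist the account only after the check above passes ...
    }
}
```

The filter must be mapped to the same URL pattern the AMF gateway servlet uses; an authorization check that lives only inside one handler, or only on the login page, is exactly the gap the advisory describes. Re-checking in the handler costs one session lookup and keeps the privileged operation safe if the filter mapping is ever changed.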

Resolution:
The following VMAX products contain a resolution for this vulnerability:
ESX Server Installs:

*EMC Unisphere for VMAX Virtual Appliance 8.4.0.15 OVA

*EMC Unisphere for VMAX Virtual Appliance 8.4.0.15 ISO

*EMC Unisphere for VMAX Virtual Appliance 8.3.0.10 OVA hotfix 1084, Service Alert 1054

*EMC Unisphere for VMAX Virtual Appliance 8.3.0.10 ISO upgrade hotfix 1083, Service Alert 1053

*EMC Solutions Enabler Virtual Appliance 8.4.0.15 OVA hotfix 2051, Service Alert 1884

*EMC Solutions Enabler Virtual Appliance 8.4.0.15 ISO upgrade hotfix 2050, Service Alert 1883

*EMC Solutions Enabler Virtual Appliance 8.3.0.33 OVA hotfix 2049, Service Alert 1882

*EMC Solutions Enabler Virtual Appliance 8.3.0.33 ISO upgrade hotfix 2048, Service Alert 1881

*EMC VASA Virtual Appliance 8.4.0.512 OVA

*EMC VASA Virtual Appliance 8.4.0.512 ISO upgrade


eManagement:

*eMGMT 1.4.0.350 ePack kit 6684

*eMGMT 1.3.0.312 ePack kit 6700

EMC recommends all customers upgrade at the earliest opportunity.


Link to remedies:

Customers can download software for EMC Unisphere for VMAX Virtual Appliance 8.4.0.15 OVA and ISO from EMC Online Support at https://support.emc.com/downloads/27045_Unisphere-for-VMAX

Customers are recommended to contact Customer Support and place a Customer Service Request for all other fixes.

Credit:
EMC would like to thank rgod, working with Trend Micro's Zero Day Initiative, for reporting this issue.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBCAAGBQJZ90fjAAoJEHbcu+fsE81ZtNYIAIQvi8RPtbxQv8PA5Q2vIsij
sCo3qsDMMA1wSViqiHVS03HmJXC/ju/snPKEwC7tGAyrwzdNxSrqUzQNwQur9V94
r7Uqfk/LxhuyXypUujw61UsPd9v7mhZ1x/kzxSkVP8000LMi2r6eihyBC3pI+eZ8
d3vr7V8x+jtco9YD9bzMYqwXsMWqINJTwZrTam+xpHIqZax/qsaHLx7aFK6nwT4d
6V2t9Jlyt7B80TyQuHDlA4CXJXMbW37zPi9iOiJwdHIB8QbM6tz8cVuM1jjCq922
5xDA27SEKPFXyl6O9zNqrFL0tahMwtLAizO8QM9b03FXaqdq7pnaCMBjgZS2jVc=
=Dt5B
-----END PGP SIGNATURE-----

