
Dell EMC Isilon OneFS XSS / Path Traversal

Posted Mar 22, 2018
Authored by Ivan Huertas, Maximiliano Vidal | Site emc.com

Dell EMC Isilon OneFS suffers from incorrect authorization, cross site request forgery, and path traversal vulnerabilities.

tags | advisory, vulnerability, csrf
advisories | CVE-2018-1186, CVE-2018-1187, CVE-2018-1188, CVE-2018-1189, CVE-2018-1201, CVE-2018-1202, CVE-2018-1203, CVE-2018-1204, CVE-2018-1213
SHA-256 | d370d6ca7380127f4ee9a10cf1e94c01b4a479767738e0f423d758f610c85187


DSA-2018-018: Dell EMC Isilon OneFS Multiple Vulnerabilities

Dell EMC Identifier: DSA-2018-018
CVE Identifier: CVE-2018-1186, CVE-2018-1187, CVE-2018-1188, CVE-2018-1189, CVE-2018-1201, CVE-2018-1202, CVE-2018-1203, CVE-2018-1204, CVE-2018-1213
Severity: High
Severity Rating: CVSS Base Score: See below for CVSS v3 scores


Affected products:
Dell EMC Isilon OneFS version 8.1.0.2 (CVE-2018-1213 only)
Dell EMC Isilon OneFS versions between 8.1.0.0 - 8.1.0.1 (all CVEs)
Dell EMC Isilon OneFS versions between 8.0.1.0 - 8.0.1.2 (all CVEs)
Dell EMC Isilon OneFS versions between 8.0.0.0 - 8.0.0.6 (all CVEs)
Dell EMC Isilon OneFS versions 7.2.1.x (CVE-2018-1186, CVE-2018-1188, CVE-2018-1189, CVE-2018-1201, CVE-2018-1204, CVE-2018-1213)
Dell EMC Isilon OneFS version 7.1.1.11 (CVE-2018-1186, CVE-2018-1189, CVE-2018-1201, CVE-2018-1202, CVE-2018-1204, CVE-2018-1213)


Summary:
Dell EMC Isilon OneFS is affected by multiple security vulnerabilities that may potentially be exploited by a malicious administrator, leading to the compromise of root functions within Isilon OneFS when it is running in compadmin mode.

Note: In Isilon OneFS running in compadmin mode, the compadmin user is less privileged than the nodes' root users.

Details
Incorrect Authorization Vulnerability (CVE-2018-1203)

In Dell EMC Isilon OneFS, the compadmin user is able to run the tcpdump binary with root privileges. Because tcpdump is run through sudo, it may potentially be used by compadmin to execute arbitrary code with root privileges.
CVSS v3 Base Score: 6.7 (AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)

Path Traversal Vulnerability (CVE-2018-1204)

Dell EMC Isilon OneFS is affected by a path traversal vulnerability in the isi_phone_home tool. A malicious compadmin may potentially exploit this vulnerability to execute arbitrary code with root privileges.
CVSS v3 Base Score: 6.7 (AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)

Cross-Site Scripting Vulnerability in Cluster Description (CVE-2018-1186)

Dell EMC Isilon is affected by a cross-site scripting vulnerability in the Cluster description of the OneFS web administration interface. A malicious administrator may potentially inject arbitrary HTML or JavaScript code in the user's browser session in the context of the OneFS website.
CVSS v3 Base Score: 5.9 (AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L)

Cross-Site Scripting Vulnerability in Network Configuration Page (CVE-2018-1187)

Dell EMC Isilon is affected by a cross-site scripting vulnerability in the Network Configuration page within the OneFS web administration interface. A malicious administrator may potentially inject arbitrary HTML or JavaScript code in the user's browser session in the context of the OneFS website.
CVSS v3 Base Score: 5.9 (AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L)

Cross-Site Scripting Vulnerability in Authorization Providers Page (CVE-2018-1188)

Dell EMC Isilon is affected by a cross-site scripting vulnerability in the Authorization Providers page within the OneFS web administration interface. A malicious administrator may potentially inject arbitrary HTML or JavaScript code in the user's browser session in the context of the OneFS website.
CVSS v3 Base Score: 5.9 (AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L)

Cross-Site Scripting Vulnerability in Antivirus Page (CVE-2018-1189)

Dell EMC Isilon is affected by a cross-site scripting vulnerability in the Antivirus Page within the OneFS web administration interface. A malicious administrator may potentially inject arbitrary HTML or JavaScript code in the user's browser session in the context of the OneFS website.
CVSS v3 Base Score: 5.9 (AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L)

Cross-Site Scripting Vulnerability in Job Operations Page (CVE-2018-1201)

Dell EMC Isilon is affected by a cross-site scripting vulnerability in the Job Operations Page within the OneFS web administration interface. A malicious administrator may potentially inject arbitrary HTML or JavaScript code in the user's browser session in the context of the OneFS website.
CVSS v3 Base Score: 5.9 (AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L)

Cross-Site Scripting Vulnerability in NDMP Page (CVE-2018-1202)

Dell EMC Isilon is affected by a cross-site scripting vulnerability in the NDMP Page within the OneFS web administration interface. A malicious administrator may potentially inject arbitrary HTML or JavaScript code in the user's browser session in the context of the OneFS website.
CVSS v3 Base Score: 5.9 (AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L)

Cross-Site Request Forgery Vulnerability (CVE-2018-1213)

Dell EMC Isilon OneFS is affected by a cross-site request forgery vulnerability. A malicious user may potentially exploit this vulnerability to send unauthorized requests to the server on behalf of authenticated users of the application.
CVSS v3 Base Score: 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

Resolution:
The following Dell EMC Isilon OneFS maintenance release addresses these vulnerabilities (except for CVE-2018-1213):

Dell EMC Isilon OneFS 8.1.0.2

Patches are available for the below versions:

Patch-213283 for OneFS 8.1.0.2 (CVE-2018-1213 only)
Patch-217638 for OneFS 8.1.0.1 (all CVEs)
Patch-213281 for OneFS 8.1.0.0 (all CVEs)
Patch-213280 for OneFS 8.0.1.2 (all CVEs)
Patch-213278 for OneFS 8.0.0.6 (all CVEs)
Patch-217637 for OneFS 8.0.0.5 (all CVEs)
Patch-211980 for OneFS 8.0.0.4 (all CVEs)
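The affected-products list and the patch list above are easy to misread across six version ranges with different CVE subsets. The following triage helper is an added example, not part of the Dell EMC advisory or any Isilon tooling: it encodes those two tables so a fleet inventory of OneFS version strings can be mapped to the CVEs that apply and the remediation the advisory names for that build.

```python
# Added triage helper (not part of the Dell EMC advisory): encodes the
# "Affected products" and "Patches are available" tables from DSA-2018-018
# so an inventory of OneFS versions can be checked against them.
ALL_CVES = frozenset({
    "CVE-2018-1186", "CVE-2018-1187", "CVE-2018-1188", "CVE-2018-1189",
    "CVE-2018-1201", "CVE-2018-1202", "CVE-2018-1203", "CVE-2018-1204",
    "CVE-2018-1213",
})
CVES_721 = frozenset({"CVE-2018-1186", "CVE-2018-1188", "CVE-2018-1189",
                      "CVE-2018-1201", "CVE-2018-1204", "CVE-2018-1213"})
CVES_71111 = frozenset({"CVE-2018-1186", "CVE-2018-1189", "CVE-2018-1201",
                        "CVE-2018-1202", "CVE-2018-1204", "CVE-2018-1213"})

# (lowest, highest, CVEs). "7.2.1" with no fourth component stands for 7.2.1.x.
AFFECTED = [
    ("8.1.0.2", "8.1.0.2", frozenset({"CVE-2018-1213"})),
    ("8.1.0.0", "8.1.0.1", ALL_CVES),
    ("8.0.1.0", "8.0.1.2", ALL_CVES),
    ("8.0.0.0", "8.0.0.6", ALL_CVES),
    ("7.2.1", "7.2.1", CVES_721),
    ("7.1.1.11", "7.1.1.11", CVES_71111),
]

# Per-version patches listed under "Resolution".
PATCHES = {
    "8.1.0.2": "Patch-213283", "8.1.0.1": "Patch-217638",
    "8.1.0.0": "Patch-213281", "8.0.1.2": "Patch-213280",
    "8.0.0.6": "Patch-213278", "8.0.0.5": "Patch-217637",
    "8.0.0.4": "Patch-211980",
}

def parse_version(text):
    """'8.0.0.6' -> (8, 0, 0, 6); tuples compare component-wise."""
    return tuple(int(part) for part in text.strip().split("."))

def affected_cves(version):
    """CVEs from the advisory that apply to this OneFS version (empty if none)."""
    key = parse_version(version)
    for lo, hi, cves in AFFECTED:
        lo_t, hi_t = parse_version(lo), parse_version(hi)
        # A shorter bound (7.2.1) matches every release that starts with it.
        if key[:len(hi_t)] == hi_t or lo_t <= key <= hi_t:
            return set(cves)
    return set()

def remediation(version):
    """Patch named for this exact build, else the upgrade path the advisory gives."""
    if version in PATCHES:
        return PATCHES[version]
    if affected_cves(version):
        # No patch listed for this build: move to the 8.1.0.2 maintenance
        # release, which still needs Patch-213283 for CVE-2018-1213.
        return "upgrade to OneFS 8.1.0.2 + Patch-213283"
    return "not affected"
```

Builds that are affected but have no patch listed (for example 8.0.0.3 or any 7.x release) are reported as needing the 8.1.0.2 upgrade plus Patch-213283, matching the advisory's statement that fixes for further versions are still pending.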

IMPORTANT: If you update Isilon OneFS with a patch from this list, and you are using Insight IQ, you must upgrade to Insight IQ 4.1.2 prior to installing the patch.

Dell EMC recommends that all customers upgrade to a version or patch which addresses these vulnerabilities at the earliest opportunity.

This advisory will be updated when fixes are available for additional versions.

Link To Remedies:
Registered Dell EMC Online Support customers can download OneFS installation files from the Downloads for Isilon OneFS page of the Dell EMC Online Support site at https://support.emc.com/downloads/15209_Isilon-OneFS.

If you have any questions, contact Dell EMC Support.

Credit:
Dell EMC would like to thank Ivan Huertas and Maximiliano Vidal from Core Security Consulting Services for reporting these vulnerabilities.

