-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2014-028: EMC Cloud Tiering Appliance XML External Entity (XXE) and Information Disclosure Vulnerabilities 

EMC Identifier: ESA-2014-028

CVE Identifier: CVE-2014-0644, CVE-2014-0645

Severity Rating: CVSS v2 Base Score: See below for individual scores

Affected products:  
•	EMC Cloud Tiering Appliance (CTA) 10 
•	EMC Cloud Tiering Appliance (CTA) 10 SP1
•	EMC Cloud Tiering Appliance (CTA) 9.x
•	EMC File Management Appliance (FMA) 7.x
		     
Summary: 
EMC CTA is vulnerable to XML External Entity (XXE) and information disclosure vulnerabilities that may allow a remote malicious user to compromise the affected system.

Details:  
EMC CTA versions 10 and 10 SP1 are vulnerable to XXE attack (CVE-2014-0644) which may allow a remote unauthenticated user to access arbitrary files on the affected system with root privileges. The exploit code that exposes the password file has been made available to the public. This vulnerability does not affect CTA 9.x and FMA 7.x versions.

CVSS 8.5 (AV:N/AC:L/Au:N/C:C/I:N/A:P)

In addition, the default passwords for built-in accounts (“root”, “super”, “admin”) are stored using a weak DES encryption algorithm (CVE-2014-0644).  This issue does not affect passwords changed during installation/usage of the product and/or for newly added accounts. This issue affects all versions of CTA and FMA.    

CVSS 6.6 (AV:L/AC:M/Au:S/C:C/I:C/A:C)

Resolution:  
The following EMC CTA Hot Fixes contain a resolution to the XXE vulnerability:
•	CTA 10.0 SP1 Hot Fix for ESA-2014-028
•	CTA 10.0 Hot Fix for ESA-2014-028
EMC strongly recommends all CTA 10.0 and 10SP1 customers apply the hotfixes above at the earliest opportunity.

EMC strongly recommends all CTA and FMA customers change the default password for all users namely SSH users "root" and "super" as well as GUI "admin" accounts.  See CTA Getting Started Guide for information on how to change passwords.

Link to remedies:

Customers with CTA 10.0 and CTA 10.0 SP1 can download the hotfix and instructions to apply the hotfix from the following Support Zone links.

10.0: https://download.emc.com/downloads/DL53068_CTA-10.0-Hot-Fix-for-ESA-2014-028.zip
10.0 SP1: https://download.emc.com/downloads/DL53069_CTA-10.0-SP1-Hot-Fix-for-ESA-2014-028.zip
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (Cygwin)

iEYEARECAAYFAlNOc9kACgkQtjd2rKp+ALz1GwCfUvfwfZc4uUp2HZfjeD2DSDWG
hvsAnRIFbT0S9k+Js25cOk2TbfbrUXEg
=2/VV
-----END PGP SIGNATURE-----