CVE-2017-8012

Dell EMC VNX Monitoring and Reporting RMI Registry Deserialization of Untrusted Data Denial of Service Vulnerability

Severity Score

7.4

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) for SAS Solution Packs, the Java Management Extensions (JMX) protocol used to communicate between components in the Alerting and/or Compliance components can be leveraged to create a denial of service (DoS) condition. Attackers with knowledge of JMX agent user credentials could potentially exploit this vulnerability to create arbitrary files on the affected system and create a DoS condition by leveraging inherent JMX protocol capabilities.

En EMC ViPR SRM, Storage MR, VNX MR y MR (Watch4Net) para SAS Solution Packs, el protocolo Java Management Extensions (JMX) empleado para la comunicación entre componentes los componentes Alerting o Compliance puede aprovecharse para provocar una condición de denegación de servicio. Los atacantes que conozcan las credenciales de usuario del agente JMX podrían explotar esta vulnerabilidad para crear archivos arbitrarios en el sistema afectado y crear una condición de denegación de servicio mediante el aprovechamiento de las capacidades inherentes del protocolo JMX.

This vulnerability allows remote attackers to create a denial of service on vulnerable installations of Dell EMC VNX Monitoring and Reporting. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
The specific flaw exists within an exposed RMI registry, which listens on TCP port 52569 by default. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to create a denial-of-service condition to users of the system.

*Credits: rgod

CVSS Scores

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

High

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

None

Integrity

Partial

Availability

Partial

Attack Vector

Network

Attack Complexity

Low

Authentication

Single

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2017-04-21 CVE Reserved
2017-09-20 CVE Published
2024-08-05 CVE Updated
2024-10-04 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (4)

URL	Tag	Source
http://seclists.org/fulldisclosure/2017/Sep/51	Mailing List
http://www.securityfocus.com/bid/100982	Third Party Advisory
http://www.securitytracker.com/id/1039417	Third Party Advisory
http://www.securitytracker.com/id/1039418	Third Party Advisory

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Dell Search vendor "Dell"		Emc M\&r Search vendor "Dell" for product "Emc M\&r"				*		-		Affected
Dell Search vendor "Dell"		Emc Storage Monitoring And Reporting Search vendor "Dell" for product "Emc Storage Monitoring And Reporting"				*		-		Affected
Dell Search vendor "Dell"		Emc Vipr Srm Search vendor "Dell" for product "Emc Vipr Srm"				<= 4.0.2 Search vendor "Dell" for product "Emc Vipr Srm" and version " <= 4.0.2"		-		Affected
Dell Search vendor "Dell"		Emc Vnx Monitoring And Reporting Search vendor "Dell" for product "Emc Vnx Monitoring And Reporting"				*		-		Affected