Dell EMC Unisphere for VMAX Virtual Appliance XML Parser xml external entity reference
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 8.4 | $0-$5k | 0.00 |
Summary
A vulnerability was found in Dell EMC Unisphere for VMAX Virtual Appliance, Solutions Enabler Virtual Appliance, VASA Provider Virtual Appliance, SMIS and VMAX Embedded Management. It has been rated as critical. This affects an unknown part of the component XML Parser. This manipulation causes xml external entity reference. The identification of this vulnerability is CVE-2018-1183. It is possible to initiate the attack remotely. There is no exploit available. Upgrading the affected component is advised.
Details
A vulnerability has been found in Dell EMC Unisphere for VMAX Virtual Appliance, Solutions Enabler Virtual Appliance, VASA Provider Virtual Appliance, SMIS and VMAX Embedded Management and classified as critical. Affected by this vulnerability is an unknown function of the component XML Parser. The manipulation with an unknown input leads to a xml external entity reference vulnerability. The CWE definition for the vulnerability is CWE-611. The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output. As an impact it is known to affect confidentiality, integrity, and availability. The summary by CVE is:
In Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.8, Dell EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.8, Dell EMC VASA Provider Virtual Appliance versions prior to 8.4.0.512, Dell EMC SMIS versions prior to 8.4.0.6, Dell EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4.0.347, Dell EMC VNX2 Operating Environment (OE) for File versions prior to 8.1.9.231, Dell EMC VNX2 Operating Environment (OE) for Block versions prior to 05.33.009.5.231, Dell EMC VNX1 Operating Environment (OE) for File versions prior to 7.1.82.0, Dell EMC VNX1 Operating Environment (OE) for Block versions prior to 05.32.000.5.225, Dell EMC VNXe3200 Operating Environment (OE) all versions, Dell EMC VNXe1600 Operating Environment (OE) versions prior to 3.1.9.9570228, Dell EMC VNXe 3100/3150/3300 Operating Environment (OE) all versions, Dell EMC ViPR SRM versions 3.7, 3.7.1, 3.7.2 (only if using Dell EMC Host Interface for Windows), Dell EMC ViPR SRM versions 4.0, 4.0.1, 4.0.2, 4.0.3 (only if using Dell EMC Host Interface for Windows), Dell EMC XtremIO versions 4.x, Dell EMC VMAX eNAS version 8.x, Dell EMC Unity Operating Environment (OE) versions prior to 4.3.0.1522077968, ECOM is affected by a XXE injection vulnerability due to the configuration of the XML parser shipped with the product. XXE Injection attack may occur when XML input containing a reference to an external entity (defined by the attacker) is processed by an affected XML parser. XXE Injection may allow attackers to gain unauthorized access to files containing sensitive information or may be used to cause denial-of-service.
The bug was discovered 04/23/2018. The weakness was shared 04/30/2018 as not defined mailinglist post (Full-Disclosure). The advisory is shared at seclists.org. This vulnerability is known as CVE-2018-1183 since 12/06/2017. The exploitation appears to be easy. The attack can be launched remotely. The exploitation doesn't need any form of authentication. Neither technical details nor an exploit are publicly available.
The vulnerability was handled as a non-public zero-day exploit for at least 7 days. During that time the estimated underground price was around $5k-$25k. The commercial vulnerability scanner Qualys is able to test this issue with plugin 13298 (Dell EMC ViPR SRM XXE Injection Vulnerability(DSA-2018-013)).
Upgrading eliminates this vulnerability.
The vulnerability is also documented in the vulnerability database at SecurityFocus (BID 104024†). If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Product
Vendor
Name
- SMIS
- Solutions Enabler Virtual Appliance
- Unisphere for VMAX Virtual Appliance
- VASA Provider Virtual Appliance
- VMAX Embedded Management
License
Website
- Vendor: https://www.dellemc.com/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 8.5VulDB Meta Temp Score: 8.4
VulDB Base Score: 7.3
VulDB Temp Score: 7.0
VulDB Vector: 🔍
VulDB Reliability: 🔍
NVD Base Score: 9.8
NVD Vector: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Xml external entity referenceCWE: CWE-611 / CWE-610
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Qualys ID: 🔍
Qualys Name: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Timeline
12/06/2017 🔍04/23/2018 🔍
04/30/2018 🔍
04/30/2018 🔍
05/01/2018 🔍
03/08/2023 🔍
Sources
Vendor: dellemc.comAdvisory: DSA-2018-013
Status: Not defined
CVE: CVE-2018-1183 (🔍)
GCVE (CVE): GCVE-0-2018-1183
GCVE (VulDB): GCVE-100-117229
SecurityFocus: 104024
Entry
Created: 05/01/2018 12:07Updated: 03/08/2023 09:54
Changes: 05/01/2018 12:07 (61), 02/01/2020 15:08 (1), 03/08/2023 09:54 (4)
Complete: 🔍
Cache ID: 216::103
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
No comments yet. Languages: en.
Please log in to comment.