Dell EMC RecoverPoint Vulnerabilities
This content has been archived
This article no longer conforms to NHS Digital's standards for cyber alerts, and may contain outdated or inaccurate information. Use of this information contained in this page is at your own risk
Summary
Affected platforms
The following platforms are known to be affected:
Dell EMC RecoverPoint
- Dell EMC RecoverPoint - Versions prior to 5.1.2
- Dell EMC RecoverPoint for Virtual Machines - Versions prior to 5.1.1.3
Dell EMC RecoverPoint for Virtual Machines
Threat details
Dell EMC have released details on three of the vulnerabilities alongside patches for them. The first vulnerability (CVE-2018-1235) allows an unauthenticated, remote user to execute arbitrary code with root privileges, allowing an attacker to control the underlying operating system. Due to the severity and apparent ease of exploitation, Dell EMC have not released any further details of this vulnerability.
The second vulnerability (CVE-2018-1242) allows a local user to read any files via the 'boxmgmt' administrative interface. An attacker could exploit this vulnerability to elevate their privileges.
The final patched vulnerability (CVE-2018-1241) relates to Lightweight Directory Access Protocol (LDAP) credentials being stored in plaintext format in Apache Tomcat log files. A remote user could access the LDAP account on any RecoverPoint device using these credentials.
The three unlisted vulnerabilities all regard the use of hard-coded system password hashes, that can only be altered by the vendor, being stored on new RecoverPoint devices. Dell EMC dispute that these are vulnerabilities, making it possible that suitable remediation will not be produced.
For further information:
Remediation steps
CVE Vulnerabilities
Last edited: 17 February 2020 12:41 pm