Monday 15 January 2018

Dell EMC Patches Vulnerabilities In Its Data Protection Products


Researchers have discovered several vulnerabilities in the Dell EMC data protection products that would allow an attacker to gain full control of the system. Fortunately, there is a solution available to download.

The vulnerabilities, three in all, were revealed on January 4 by the security technology and services firm Digital Defense. They affect the Dell EMC Avamar server, NetWorker Virtual Edition, and Integrated Data Protection Appliance, which use a common component called Avamar Installation Manager. This is the problematic application.

In addition to this, a related problem has also been discovered in the VMware vSphere Data Protection backup product, but it has already been fixed.

How attackers could exploit vulnerabilities

Through vulnerabilities in user authentication, attackers could obtain information stored within devices, such as server data.

"The authentication derivation can be combined with the other two vulnerabilities to completely compromise the virtual device," Digital Defense said in a blog post announcing the problem.

Digital Defense worked with Dell EMC on the problem and withheld the news until Dell EMC could issue security fixes to address the vulnerabilities, which are now out.

These patches should be applied without delay because the vulnerabilities are quite serious. Attackers can obtain information from the database without having to access the actual database server. Alternatively, they can log in to the backup devices as administrators without needing usernames or passwords.

Products affected

The impacted products are:

    Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0
    NetWorker Virtual Edition 0.x, 9.1.x, 9.2.x
    Integrated Data Protection Appliance 2.0

While this has shades of the Meltdown flaw affecting CPUs, the two are entirely unrelated. It’s just a coincidental resemblance in that both allow for reading of contents on a device.
