Experts found flaws in Dell EMC and VMware Products. Patch them now!

Security experts have found several vulnerabilities affecting Dell EMC Avamar and Integrated Data Protection Appliance products. They also warn that VMware’s vSphere Data Protection, which is based on Avamar, is also affected by the issues.

Dell EMC released security updates for Dell EMC Avamar Client Manager in Dell EMC Avamar Server and Dell EMC Integrated Data Protection Appliance (IDPA) to address a critical remote code execution issue and a medium open redirection flaw.

Dell acknowledged the cybersecurity firm TSS for the discovery of the flaws.

The remote code execution vulnerability, tracked as CVE-2018-11066, could be exploited by a remote unauthenticated attacker to execute arbitrary commands on the vulnerable server.

Affected versions are Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2.

“Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2 contain a Remote Code Execution vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to execute arbitrary commands on the server.” reads the security advisory published.

The vulnerability received a CVSS v3 Base Score of 9.8.

The second issue, tracked as CVE-2018-11067 can be exploited by an unauthenticated attacker to redirect users to arbitrary URLs by tricking them into clicking on a specially crafted link.

Dell also disclosed a high severity information exposure vulnerability, tracked as CVE-2018-11076, that affects the above products. The flaw could be exploited by attackers to compromise the vulnerable systems, it affects Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0 and 7.4.1 and Dell EMC Integrated Data Protection Appliance (IDPA) 2.0.

“Dell EMC Avamar and IDPA are affected by an Information Exposure vulnerability that may potentially be exploited by an attacker to compromise the affected systems.” reads the security advisory published by the company.

“Avamar Java management console’s SSL/TLS private key may be leaked in the Avamar Java management client package. The private key could potentially be used by an unauthenticated attacker on the same data-link layer to initiate a MITM attack on management console users.”

Since VMware vSphere Data Protection (VDP) is based on the Avamar Virtual Edition, it is also affected by the flaws. The virtualization giant published a security advisory to inform its customers that the issues affect the VDP 6.0.x and 6.1.x..

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – RCE, Dell EMC Avamar)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.