Headline
CVE-2020-26195: DSA-2021-009: Dell PowerScale OneFS Security Update for Multiple Vulnerabilities
Dell EMC PowerScale OneFS versions 8.1.2 – 9.1.0 contain an issue where the OneFS SMB directory auto-create may erroneously create a directory for a user. A remote unauthenticated attacker may take advantage of this issue to slow down the system.
Vaikutus
Critical
Tiedot
Proprietary Code CVEs
Description
CVSSBase Score
CVSS Vector String
CVE-2021-21502
Dell PowerScale OneFS versions 8.1.0 – 9.1.0 contain a “use of SSH key past account expiration” vulnerability. A user on the network with the ISI_PRIV_AUTH_SSH RBAC privilege that has an expired account may potentially exploit this vulnerability, giving them access to the same things they had before account expiration. This may by a high privileged account and hence Dell recommends customers upgrade at the earliest opportunity.
9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2020-26196
Dell EMC PowerScale OneFS versions 8.1.0-9.1.0 contain a Backup/Restore Privilege implementation issue. A user with the BackupAdmin role may potentially exploit this vulnerability resulting in the ability to write data outside of the intended file system location.
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
CVE-2020-26195
Dell EMC PowerScale OneFS versions 8.1.2 – 9.1.0 contain an issue where the OneFS SMB directory auto-create may erroneously create a directory for a user. A remote unauthenticated attacker may take advantage of this issue to slow down the system.
5.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2020-26194
Dell EMC PowerScale OneFS versions 8.1.2 and 8.2.2 contain an Incorrect Permission Assignment for a Critical Resource vulnerability. This may allow a non-admin user with either ISI_PRIV_LOGIN_CONSOLE or ISI_PRIV_LOGIN_SSH privileges to exploit the vulnerability, leading to compromised cryptographic operations.
7.0
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2020-26193
Dell EMC PowerScale OneFS versions 8.1.0 - 9.1.0 contain an improper input validation vulnerability. A user with the ISI_PRIV_CLUSTER privilege may exploit this vulnerability, leading to the execution of arbitrary OS commands on the application’s underlying OS, with the privileges of the vulnerable application.
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2020-26192
Dell EMC PowerScale OneFS versions 8.2.0 - 9.1.0 contain a privilege escalation vulnerability. A non-admin user with either ISI_PRIV_LOGIN_CONSOLE or ISI_PRIV_LOGIN_SSH may potentially exploit this vulnerability to read arbitrary data, tamper with system software or deny service to users.
Note: No non-admin users or roles have these privileges by default.
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2020-26191
Dell EMC PowerScale OneFS versions 8.1.0 - 9.1.0 contain a privilege escalation vulnerability. A user with ISI_PRIV_JOB_ENGINE may use the PermissionRepair job to grant themselves the highest level of RBAC privileges thus being able to read arbitrary data, tamper with system software or deny service to users.
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Proprietary Code CVEs
Description
CVSSBase Score
CVSS Vector String
CVE-2021-21502
Dell PowerScale OneFS versions 8.1.0 – 9.1.0 contain a “use of SSH key past account expiration” vulnerability. A user on the network with the ISI_PRIV_AUTH_SSH RBAC privilege that has an expired account may potentially exploit this vulnerability, giving them access to the same things they had before account expiration. This may by a high privileged account and hence Dell recommends customers upgrade at the earliest opportunity.
9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2020-26196
Dell EMC PowerScale OneFS versions 8.1.0-9.1.0 contain a Backup/Restore Privilege implementation issue. A user with the BackupAdmin role may potentially exploit this vulnerability resulting in the ability to write data outside of the intended file system location.
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
CVE-2020-26195
Dell EMC PowerScale OneFS versions 8.1.2 – 9.1.0 contain an issue where the OneFS SMB directory auto-create may erroneously create a directory for a user. A remote unauthenticated attacker may take advantage of this issue to slow down the system.
5.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2020-26194
Dell EMC PowerScale OneFS versions 8.1.2 and 8.2.2 contain an Incorrect Permission Assignment for a Critical Resource vulnerability. This may allow a non-admin user with either ISI_PRIV_LOGIN_CONSOLE or ISI_PRIV_LOGIN_SSH privileges to exploit the vulnerability, leading to compromised cryptographic operations.
7.0
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2020-26193
Dell EMC PowerScale OneFS versions 8.1.0 - 9.1.0 contain an improper input validation vulnerability. A user with the ISI_PRIV_CLUSTER privilege may exploit this vulnerability, leading to the execution of arbitrary OS commands on the application’s underlying OS, with the privileges of the vulnerable application.
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2020-26192
Dell EMC PowerScale OneFS versions 8.2.0 - 9.1.0 contain a privilege escalation vulnerability. A non-admin user with either ISI_PRIV_LOGIN_CONSOLE or ISI_PRIV_LOGIN_SSH may potentially exploit this vulnerability to read arbitrary data, tamper with system software or deny service to users.
Note: No non-admin users or roles have these privileges by default.
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2020-26191
Dell EMC PowerScale OneFS versions 8.1.0 - 9.1.0 contain a privilege escalation vulnerability. A user with ISI_PRIV_JOB_ENGINE may use the PermissionRepair job to grant themselves the highest level of RBAC privileges thus being able to read arbitrary data, tamper with system software or deny service to users.
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Dell Technologies suosittelee, että kaikki asiakkaat ottavat huomioon sekä CVSS-peruspistemäärän että kaikki asiaankuuluvat väliaikaiset ja ympäristöön liittyvät pisteet, jotka voivat vaikuttaa tietyn tietoturvahaavoittuvuuden mahdolliseen vakavuuteen.
Tuotteet, joihin asia vaikuttaa ja tilanteen korjaaminen
CVEs Addressed
Affected Versions
Updated Versions
Link to Update
CVE-2021-21502
8.1.0, 8.1.1, 8.2.0, 8.2.1, 8.1.2, 8.2.2, 9.0.0
Upgrade your PowerScale OneFS version
PowerScale Downloads area.
9.1.0
RUP 2021-01
CVE-2020-26196
8.1.0, 8.1.1, 8.2.0, 8.2.1
Upgrade your PowerScale OneFS version
PowerScale Downloads area.
8.2.2, 9.0.0
October 2020 RUP for your OneFS version
8.1.2, 8.2.1, 9.1.0
November 2020 RUP for your OneFS version
CVE-2020-26195
8.1.0, 8.1.1, 8.2.0, 8.2.1
Upgrade your PowerScale OneFS version
PowerScale Downloads area.
8.1.2, 8.2.2, 9.0.0, 9.1.0
January RUP 2021-01
CVE-2020-26194
8.1.0, 8.1.1, 8.2.0, 8.2.1
Upgrade your PowerScale OneFS version
PowerScale Downloads area.
8.1.2, 8.2.2, 9.0.0, 9.1.0
January RUP 2021-01
CVE-2020-26193
8.1.0, 8.1.1, 8.2.0, 8.2.1
Upgrade your PowerScale OneFS version
PowerScale Downloads area.
8.1.2, 8.2.2, 9.0.0, 9.1.0
January RUP 2021-01
CVE-2020-26192
8.2.0, 8.2.2, 9.0.0, 9.1.0
January RUP 2021-01
PowerScale Downloads area.
CVE-2020-26191
8.1.0, 8.1.1, 8.2.0, 8.2.1
Upgrade your PowerScale OneFS version
PowerScale Downloads area.
8.1.2, 8.2.2, 9.0.0, 9.1.0
January RUP 2021-01
Note: The table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
CVEs Addressed
Affected Versions
Updated Versions
Link to Update
CVE-2021-21502
8.1.0, 8.1.1, 8.2.0, 8.2.1, 8.1.2, 8.2.2, 9.0.0
Upgrade your PowerScale OneFS version
PowerScale Downloads area.
9.1.0
RUP 2021-01
CVE-2020-26196
8.1.0, 8.1.1, 8.2.0, 8.2.1
Upgrade your PowerScale OneFS version
PowerScale Downloads area.
8.2.2, 9.0.0
October 2020 RUP for your OneFS version
8.1.2, 8.2.1, 9.1.0
November 2020 RUP for your OneFS version
CVE-2020-26195
8.1.0, 8.1.1, 8.2.0, 8.2.1
Upgrade your PowerScale OneFS version
PowerScale Downloads area.
8.1.2, 8.2.2, 9.0.0, 9.1.0
January RUP 2021-01
CVE-2020-26194
8.1.0, 8.1.1, 8.2.0, 8.2.1
Upgrade your PowerScale OneFS version
PowerScale Downloads area.
8.1.2, 8.2.2, 9.0.0, 9.1.0
January RUP 2021-01
CVE-2020-26193
8.1.0, 8.1.1, 8.2.0, 8.2.1
Upgrade your PowerScale OneFS version
PowerScale Downloads area.
8.1.2, 8.2.2, 9.0.0, 9.1.0
January RUP 2021-01
CVE-2020-26192
8.2.0, 8.2.2, 9.0.0, 9.1.0
January RUP 2021-01
PowerScale Downloads area.
CVE-2020-26191
8.1.0, 8.1.1, 8.2.0, 8.2.1
Upgrade your PowerScale OneFS version
PowerScale Downloads area.
8.1.2, 8.2.2, 9.0.0, 9.1.0
January RUP 2021-01
Note: The table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
Keinoja ongelman kiertämiseen tai lieventämiseen
CVE ID
Workarounds and Mitigations
CVE-2021-21502
- Remove authorized_keys files from homedir/.ssh of expired accounts
- Remove expired accounts from roles that have ISI_AUTH_PRIV_SSH
- Disable public key authentication in SSH; log in to your cluster with a username which has the appropriate privileges and at the prompt enter the following CLI command:
isi ssh modify --auth-settings-template=custom
# isi ssh settings modify --pubkey-authentication=false
CVE-2020-26196
- Limit the users that have backup / restore privilege and limit their local/console access to the cluster
- Avoid sharing /ifs directly
CVE-2020-26195
None
CVE-2020-26194
- Log in to your cluster over SSH and issue the following command as the user ‘root’ :
# isi_for_array -sX “chmod 600 /entropy”
CVE-2020-26193
None
CVE-2020-26192
The upgrade agent may be disabled up until an upgrade/patching activity needs to take place:
- Disable the upgrade agent:
isi services -a isi_upgrade_agent_d disable
- Enable the upgrade agent:
isi services -a isi_upgrade_agent_d enable
CVE-2020-26191
None
Versiohistoria
Revision
Date
Description
1.0
2021-02-08
Initial Release
Asiaan liittyvät tiedot
Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide
23 marrask. 2021
Related news
Dell PowerScale OneFS 8.1.0 - 9.1.0 contains an LDAP Provider inability to connect over TLSv1.2 vulnerability. It may make it easier to eavesdrop and decrypt such traffic for a malicious actor. Note: This does not affect clusters which are not relying on an LDAP server for the authentication provider.