Red Hat Security Advisory 2022-4588-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 6.0.105 and .NET Core Runtime 6.0.5. Issues addressed include a denial of service vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: .NET 6.0 security, bug fix, and enhancement update  
Advisory ID:       RHSA-2022:4588-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:4588  
Issue date:        2022-05-18  
CVE Names:         CVE-2022-23267 CVE-2022-29117 CVE-2022-29145   
=====================================================================

1. Summary:

An update for .NET 6.0 is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat CodeReady Linux Builder (v. 9) - aarch64, s390x, x86_64  
Red Hat Enterprise Linux AppStream (v. 9) - aarch64, s390x, x86_64

3. Description:

.NET is a managed-software framework. It implements a subset of the .NET  
framework APIs and several new APIs, and it includes a CLR implementation.

New versions of .NET Core that address a security vulnerability are now  
available. The updated versions are .NET Core SDK 6.0.105 and .NET Core  
Runtime  
6.0.5.

Security Fix(es):

* dotnet: excess memory allocation via HttpClient causes DoS  
(CVE-2022-23267)

* dotnet: malicious content causes high CPU and memory usage  
(CVE-2022-29117)

* dotnet: parsing HTML causes Denial of Service (CVE-2022-29145)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Bug Fix(es):

* Update .NET 6.0 to SDK 6.0.104 and Runtime 6.0.4 (BZ#2080460)

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2083647 - CVE-2022-29117 dotnet: malicious content causes high CPU and memory usage  
2083649 - CVE-2022-29145 dotnet: parsing HTML causes Denial of Service  
2083650 - CVE-2022-23267 dotnet: excess memory allocation via HttpClient causes DoS

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:  
dotnet6.0-6.0.105-1.el9_0.src.rpm

aarch64:  
aspnetcore-runtime-6.0-6.0.5-1.el9_0.aarch64.rpm  
aspnetcore-targeting-pack-6.0-6.0.5-1.el9_0.aarch64.rpm  
dotnet-apphost-pack-6.0-6.0.5-1.el9_0.aarch64.rpm  
dotnet-apphost-pack-6.0-debuginfo-6.0.5-1.el9_0.aarch64.rpm  
dotnet-host-6.0.5-1.el9_0.aarch64.rpm  
dotnet-host-debuginfo-6.0.5-1.el9_0.aarch64.rpm  
dotnet-hostfxr-6.0-6.0.5-1.el9_0.aarch64.rpm  
dotnet-hostfxr-6.0-debuginfo-6.0.5-1.el9_0.aarch64.rpm  
dotnet-runtime-6.0-6.0.5-1.el9_0.aarch64.rpm  
dotnet-runtime-6.0-debuginfo-6.0.5-1.el9_0.aarch64.rpm  
dotnet-sdk-6.0-6.0.105-1.el9_0.aarch64.rpm  
dotnet-sdk-6.0-debuginfo-6.0.105-1.el9_0.aarch64.rpm  
dotnet-targeting-pack-6.0-6.0.5-1.el9_0.aarch64.rpm  
dotnet-templates-6.0-6.0.105-1.el9_0.aarch64.rpm  
dotnet6.0-debuginfo-6.0.105-1.el9_0.aarch64.rpm  
dotnet6.0-debugsource-6.0.105-1.el9_0.aarch64.rpm  
netstandard-targeting-pack-2.1-6.0.105-1.el9_0.aarch64.rpm

s390x:  
aspnetcore-runtime-6.0-6.0.5-1.el9_0.s390x.rpm  
aspnetcore-targeting-pack-6.0-6.0.5-1.el9_0.s390x.rpm  
dotnet-apphost-pack-6.0-6.0.5-1.el9_0.s390x.rpm  
dotnet-apphost-pack-6.0-debuginfo-6.0.5-1.el9_0.s390x.rpm  
dotnet-host-6.0.5-1.el9_0.s390x.rpm  
dotnet-host-debuginfo-6.0.5-1.el9_0.s390x.rpm  
dotnet-hostfxr-6.0-6.0.5-1.el9_0.s390x.rpm  
dotnet-hostfxr-6.0-debuginfo-6.0.5-1.el9_0.s390x.rpm  
dotnet-runtime-6.0-6.0.5-1.el9_0.s390x.rpm  
dotnet-runtime-6.0-debuginfo-6.0.5-1.el9_0.s390x.rpm  
dotnet-sdk-6.0-6.0.105-1.el9_0.s390x.rpm  
dotnet-sdk-6.0-debuginfo-6.0.105-1.el9_0.s390x.rpm  
dotnet-targeting-pack-6.0-6.0.5-1.el9_0.s390x.rpm  
dotnet-templates-6.0-6.0.105-1.el9_0.s390x.rpm  
dotnet6.0-debuginfo-6.0.105-1.el9_0.s390x.rpm  
dotnet6.0-debugsource-6.0.105-1.el9_0.s390x.rpm  
netstandard-targeting-pack-2.1-6.0.105-1.el9_0.s390x.rpm

x86_64:  
aspnetcore-runtime-6.0-6.0.5-1.el9_0.x86_64.rpm  
aspnetcore-targeting-pack-6.0-6.0.5-1.el9_0.x86_64.rpm  
dotnet-apphost-pack-6.0-6.0.5-1.el9_0.x86_64.rpm  
dotnet-apphost-pack-6.0-debuginfo-6.0.5-1.el9_0.x86_64.rpm  
dotnet-host-6.0.5-1.el9_0.x86_64.rpm  
dotnet-host-debuginfo-6.0.5-1.el9_0.x86_64.rpm  
dotnet-hostfxr-6.0-6.0.5-1.el9_0.x86_64.rpm  
dotnet-hostfxr-6.0-debuginfo-6.0.5-1.el9_0.x86_64.rpm  
dotnet-runtime-6.0-6.0.5-1.el9_0.x86_64.rpm  
dotnet-runtime-6.0-debuginfo-6.0.5-1.el9_0.x86_64.rpm  
dotnet-sdk-6.0-6.0.105-1.el9_0.x86_64.rpm  
dotnet-sdk-6.0-debuginfo-6.0.105-1.el9_0.x86_64.rpm  
dotnet-targeting-pack-6.0-6.0.5-1.el9_0.x86_64.rpm  
dotnet-templates-6.0-6.0.105-1.el9_0.x86_64.rpm  
dotnet6.0-debuginfo-6.0.105-1.el9_0.x86_64.rpm  
dotnet6.0-debugsource-6.0.105-1.el9_0.x86_64.rpm  
netstandard-targeting-pack-2.1-6.0.105-1.el9_0.x86_64.rpm

Red Hat CodeReady Linux Builder (v. 9):

aarch64:  
dotnet-apphost-pack-6.0-debuginfo-6.0.5-1.el9_0.aarch64.rpm  
dotnet-host-debuginfo-6.0.5-1.el9_0.aarch64.rpm  
dotnet-hostfxr-6.0-debuginfo-6.0.5-1.el9_0.aarch64.rpm  
dotnet-runtime-6.0-debuginfo-6.0.5-1.el9_0.aarch64.rpm  
dotnet-sdk-6.0-debuginfo-6.0.105-1.el9_0.aarch64.rpm  
dotnet-sdk-6.0-source-built-artifacts-6.0.105-1.el9_0.aarch64.rpm  
dotnet6.0-debuginfo-6.0.105-1.el9_0.aarch64.rpm  
dotnet6.0-debugsource-6.0.105-1.el9_0.aarch64.rpm

s390x:  
dotnet-apphost-pack-6.0-debuginfo-6.0.5-1.el9_0.s390x.rpm  
dotnet-host-debuginfo-6.0.5-1.el9_0.s390x.rpm  
dotnet-hostfxr-6.0-debuginfo-6.0.5-1.el9_0.s390x.rpm  
dotnet-runtime-6.0-debuginfo-6.0.5-1.el9_0.s390x.rpm  
dotnet-sdk-6.0-debuginfo-6.0.105-1.el9_0.s390x.rpm  
dotnet-sdk-6.0-source-built-artifacts-6.0.105-1.el9_0.s390x.rpm  
dotnet6.0-debuginfo-6.0.105-1.el9_0.s390x.rpm  
dotnet6.0-debugsource-6.0.105-1.el9_0.s390x.rpm

x86_64:  
dotnet-apphost-pack-6.0-debuginfo-6.0.5-1.el9_0.x86_64.rpm  
dotnet-host-debuginfo-6.0.5-1.el9_0.x86_64.rpm  
dotnet-hostfxr-6.0-debuginfo-6.0.5-1.el9_0.x86_64.rpm  
dotnet-runtime-6.0-debuginfo-6.0.5-1.el9_0.x86_64.rpm  
dotnet-sdk-6.0-debuginfo-6.0.105-1.el9_0.x86_64.rpm  
dotnet-sdk-6.0-source-built-artifacts-6.0.105-1.el9_0.x86_64.rpm  
dotnet6.0-debuginfo-6.0.105-1.el9_0.x86_64.rpm  
dotnet6.0-debugsource-6.0.105-1.el9_0.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-23267  
https://access.redhat.com/security/cve/CVE-2022-29117  
https://access.redhat.com/security/cve/CVE-2022-29145  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYpn+t9zjgjWX9erEAQgs6g/+P79AtYxChNq2A8vD5SfHUz4h+ItbDaKI  
SMNwPUG37gTkUvT599LD4c8GKTUR1emhUDnulDsh8VydNrgUQByfoAkWeGvruMFp  
X5fO29wIYvYStZIJ3283dVqz6tE2i+UuLPPbExESyMZMWASmH8r59oHhnP0aO9Ra  
GeDkRp5anK1CcL7LUZc8pAkaeQ18HIiaSheXNY2mN9mws5wKjsIEaXExuDDRdBIQ  
dW44BdXYRr6i5Z95NHhrVQ5CyiEB5+H/OvV3N3croJkD/n9qg1b+mKFw2QgwCWUn  
2/8qzvKBOY98n99lxL51sukGA7oE+TTT5geFF9e3ia6nH5mFYcqFhKETHVIg8QHX  
38ov8/LmEJ6heNh2Z50pDwAXejliO53VJmcWgI+uSASC8AaGwWNGMgPsf/mQ/jAO  
vig9hCOCPIzLKrQ3nK8oPdGKlEb61oiaqudN++IwNiGbwg/KoX/pZ3sHHgY980Mi  
b1ceAywsCuCzQIkFqS0ILPRpl3u1K3gAVs/RI7TPRCxcY3+OuBI4ParaCgoAxF7d  
69mhSzw9fNFPBk3Co4rRtHLDj7ZnRkhE/gEVjMDw4QcwjYUavqb89RaJB4Ca1fcA  
motATzCZhDU0p069Yl/wUoS7MeVv5DhUQU/dExcxVdSgEhHvI/u56wso3MlTXOpl  
JmsjgpNZyTw=  
=JMkW  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-4588-01

adbyby v2.7 allows external users to make connections via port 8118. This can cause a program logic error and lead to a Denial of Service (DoS) via high CPU usage due to a large number of connections.

**Have a question about this project?** Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Pick a username

Email Address

Password

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CVE-2022-29767: 最新版v2.7存在拒绝服务漏洞 · Issue #2 · adbyby/Files

Bottle before 0.12.20 mishandles errors during early request binding.

1.  GitHub Advisory Database
2.  GitHub Reviewed
3.  CVE-2022-31799

**Denial of service in bottle**

Moderate severity GitHub Reviewed Published Jun 3, 2022 • Updated Jun 3, 2022

We are still processing this advisory. You may have affected repositories that are not yet on this list. Check back soon for more.

**Package**

pip bottle (pip )

**Affected versions**

< 0.12.20

**Description**

GHSA-xhp9-4947-rq78: Denial of service in bottle

An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the devcert npm package, when an attacker is able to supply arbitrary input to the certificateFor method

1.  GitHub Advisory Database
2.  GitHub Reviewed
3.  CVE-2022-1929

**Regular expression denial of service in devcert**

Low severity GitHub Reviewed Published Jun 3, 2022 • Updated Jun 3, 2022

We are still processing this advisory. You may have affected repositories that are not yet on this list. Check back soon for more.

**Package**

npm devcert (npm )

**Affected versions**

< 1.2.1

**Description**

GHSA-fp36-299x-pwmw: Regular expression denial of service in devcert

An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the markdown-link-extractor npm package, when an attacker is able to supply arbitrary input to the module's exported function

**Regular expression denial of service in markdown-link-extractor**

Low severity GitHub Reviewed Published Jun 3, 2022 • Updated Jun 3, 2022

GHSA-mmh6-m7v9-5956: Regular expression denial of service in markdown-link-extractor

An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the semver-regex npm package, when an attacker is able to supply arbitrary input to the test() method

1.  GitHub Advisory Database
2.  GitHub Reviewed
3.  CVE-2021-43307

**Regular expression denial of service in semver-regex**

Low severity GitHub Reviewed Published Jun 3, 2022 • Updated Jun 3, 2022

We are still processing this advisory. You may have affected repositories that are not yet on this list. Check back soon for more.

**Package**

npm semver-regex (npm )

**Affected versions**

< 3.1.4

\>= 4.0.0, < 4.0.3

**Patched versions**

3.1.4

4.0.3

**Description**

GHSA-4x5v-gmq8-25ch: Regular expression denial of service in semver-regex

An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the jquery-validation npm package, when an attacker is able to supply arbitrary input to the url2 method

**Regular expression denial of service in jquery-validation**

Low severity GitHub Reviewed Published Jun 3, 2022 • Updated Jun 3, 2022

GHSA-j9m2-h2pv-wvph: Regular expression denial of service in jquery-validation

By Waqas
The U.S. Department of Justice (DoJ) confirmed seizing three domains used by cybercriminals to sell stolen personal data…
This is a post from HackRead.com Read the original post: FBI Seizes WeLeakInfo, IPStress and OVH-Booter Cybercrime Portals

The U.S. Department of Justice (DoJ) confirmed seizing three domains used by cybercriminals to sell stolen personal data and facilitate DDoS-for-hire service.

It has been just a couple of months since the authorities seized the infamous cybercrime portal Raidforums and arrested its alleged owner Diogo Santos Coelho. Now, in a press release, the DoJ and the FBI announced the seizure of three domains- weleakinfo.to, ipstress.in, and ovh-booter.com that the cybercriminals used for trading stolen personal information and offering DDoS for hire service.

The seizure results from an international investigation into sites/domains that allowed users to purchase access to stolen data and target victim networks with Distributed Denial-of-Service attacks (DDoS attacks).

Seizure notice on weleakinfo.to, ipstress.in, and ovh-booter.com domains

The District of Columbia’s attorney Matthew M. Graves and the FBI Washington Field Office’s Criminal and Cyber Division’s Special Agent in charge, Wayne A. Jacobs, made the announcement.

**Details of Seized Domains**

According to the DoJ press release issued on May 31st, 2022, the Weleakinfo website offered visitors a searchable database containing stolen information collected from over 10,000 data breaches. Moreover, it allowed users to trade hacked personal data, which the agency referred to as website trafficking in stolen private data.

The site also sold subscriptions to enable users to access the results of these data breaches. Subscriptions provided unlimited searches and access and were offered for 1 day, 1 week, 1 month, 3 months, and even for a lifetime.

The other two domains offered DDoS-for-hire services to their clients. Visitors of these domains will find a seizure banner notifying them that federal authorities have seized the domains after issuing a seizure warrant. The seized domains are currently in the U.S. federal government’s control, and their operations stand suspended.

WeLeakInfo’s prices

**What Data Was Available for Trading?**

The database comprised 7 billion indexed records, including names, usernames, email I.D.s, passwords for online accounts, and phone numbers.

> “Today, the FBI and the Department stopped two distressingly common threats: websites trafficking in stolen personal information and sites which attack and disrupt legitimate internet businesses.”
> 
> U.S. Attorney Matthew Graves

Special Agent Charles Jacobs noted that the seizure of these websites is a “prime example” of the extensiveness of actions the FBI and other intelligence agencies are undertaking to disrupt “malicious cyber activity.”

The investigation involved the DoJ’s Computer Crime and Intellectual Property Section, the FBI, the U.S. Attorney’s Office for the District of Columbia, the National Police Corps of the Netherlands, and Belgium’s Federal Police.

**More Cybercrime News**

1.  Feds seize WeLeakInfo.com for selling stolen databases
2.  21 WeLeakInfo customers arrested for buying breached data
3.  179 Dark Web vendors arrested, 500kg worth of drugs seized
4.  Domain, server of DoubleVPN used by ransomware gangs seized
5.  Russia seizes Trump Dumps, Ferum, and SkyFraud carding forums

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

FBI Seizes WeLeakInfo, IPStress and OVH-Booter Cybercrime Portals

Dell PowerStore versions 2.0.0.x, 2.0.1.x and 2.1.0.x contains an open port vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure and arbitrary code execution.

**Vaikutus**

Critical

**Tiedot**

**Proprietary Code CVEs**

**Description**

**CVSS Base Score**

**CVSS Vector String**

CVE-2022-22556

Dell PowerStore contains an Uncontrolled Resource Consumption Vulnerability in PowerStore User Interface. A remote unauthenticated attacker may potentially exploit this vulnerability, leading to the Denial of Service.

3.7

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

CVE-2022-22557

Dell PowerStore contains Plain-Text Password Storage Vulnerability in version 2.0.0.x. and 2.0.1.x. A locally authenticated attacker may potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.

7.5

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CVE-2022-26866

Dell PowerStore contains a Stored Cross-Site Scripting Vulnerability, an authenticated attacker may potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data store. When a victim user accesses the data store through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery.

5.5

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N

CVE-2022-26867

Dell PowerStore contains formula injection vulnerability in which it supports the option to export data to either a CSV or an XLSX file. The data is taken as is, without any validation or sanitization. It may allow a malicious, authenticated user to inject payloads that might get interpreted as formulas by the corresponding spreadsheet application that is being used to open the CSV/XLSX file.

5.9

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L

CVE-2022-26868

Dell PowerStore versions 2.0.0.x, 2.0.1.x and 2.1.0.x are vulnerable to a command injection flaw. An authenticated attacker may potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker.

6.4

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CVE-2022-26869

Dell PowerStore versions 2.0.0.x, 2.0.1.x and 2.1.0.x contain an open port vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability, leading to information disclosure, arbitrary code execution.

9.8

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2022-26870

Dell PowerStore versions 2.1.0.x contain an Authentication bypass vulnerability. A remote unauthenticated attacker may  potentially exploit this vulnerability when both Remote Secure Credential and External SSH are enabled. An attacker would gain “service” account access upon successful exploit.

7.0

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

 

**Third-Party Component**

**CVEs**

**More Information**

NVMe SSD

CVE-2021-0148

Intel-SA-00535

Axios

CVE-2020-28168

See NVD (http://nvd.nist.gov/) for individual scores of each CVE.

bind-libs  
bind-libs-lite  
bind-utils  
bind-license

CVE-2021-25215

glib2

CVE-2021-27219

gupnp

CVE-2021-33516

java-1.8.0-openjdk

CVE-2021-2369

CVE-2021-2388

CVE-2021-2341

libldb

CVE-2021-20277

libwbclient

CVE-2021-20254

Lo-dash

CVE-2021-23337

CVE-2020-28500

CVE-2020-8203

Log4j

CVE-2021-45105

CVE-2021-44832

CVE-2022-23307

nettle

CVE-2021-20305

nss  
nss-sysinit  
nss-tools

CVE-2020-25648

openldap

CVE-2020-25692

pillow

CVE-2021-28675

CVE-2021-28676

CVE-2021-25288

CVE-2021-25287

CVE-2021-28677

CVE-2021-28678

postgres

CVE-2021-20229

CVE-2021-32027

CVE-2021-3393

postgres-libs

CVE-2021-32027

postgresql-libs

CVE-2019-10208

CVE-2020-25694

CVE-2020-25695

samba-common  
samba-client-libs  
samba-common-libs libwbclient

CVE-2021-20254

screen version

CVE-2021-26937

urllib3

CVE-2021-33503

xterm

CVE-2021-27135

**Proprietary Code CVEs**

**Description**

**CVSS Base Score**

**CVSS Vector String**

CVE-2022-22556

Dell PowerStore contains an Uncontrolled Resource Consumption Vulnerability in PowerStore User Interface. A remote unauthenticated attacker may potentially exploit this vulnerability, leading to the Denial of Service.

3.7

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

CVE-2022-22557

Dell PowerStore contains Plain-Text Password Storage Vulnerability in version 2.0.0.x. and 2.0.1.x. A locally authenticated attacker may potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.

7.5

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CVE-2022-26866

Dell PowerStore contains a Stored Cross-Site Scripting Vulnerability, an authenticated attacker may potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data store. When a victim user accesses the data store through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery.

5.5

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N

CVE-2022-26867

Dell PowerStore contains formula injection vulnerability in which it supports the option to export data to either a CSV or an XLSX file. The data is taken as is, without any validation or sanitization. It may allow a malicious, authenticated user to inject payloads that might get interpreted as formulas by the corresponding spreadsheet application that is being used to open the CSV/XLSX file.

5.9

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L

CVE-2022-26868

Dell PowerStore versions 2.0.0.x, 2.0.1.x and 2.1.0.x are vulnerable to a command injection flaw. An authenticated attacker may potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker.

6.4

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CVE-2022-26869

Dell PowerStore versions 2.0.0.x, 2.0.1.x and 2.1.0.x contain an open port vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability, leading to information disclosure, arbitrary code execution.

9.8

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2022-26870

Dell PowerStore versions 2.1.0.x contain an Authentication bypass vulnerability. A remote unauthenticated attacker may  potentially exploit this vulnerability when both Remote Secure Credential and External SSH are enabled. An attacker would gain “service” account access upon successful exploit.

7.0

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

 

**Third-Party Component**

**CVEs**

**More Information**

NVMe SSD

CVE-2021-0148

Intel-SA-00535

Axios

CVE-2020-28168

See NVD (http://nvd.nist.gov/) for individual scores of each CVE.

bind-libs  
bind-libs-lite  
bind-utils  
bind-license

CVE-2021-25215

glib2

CVE-2021-27219

gupnp

CVE-2021-33516

java-1.8.0-openjdk

CVE-2021-2369

CVE-2021-2388

CVE-2021-2341

libldb

CVE-2021-20277

libwbclient

CVE-2021-20254

Lo-dash

CVE-2021-23337

CVE-2020-28500

CVE-2020-8203

Log4j

CVE-2021-45105

CVE-2021-44832

CVE-2022-23307

nettle

CVE-2021-20305

nss  
nss-sysinit  
nss-tools

CVE-2020-25648

openldap

CVE-2020-25692

pillow

CVE-2021-28675

CVE-2021-28676

CVE-2021-25288

CVE-2021-25287

CVE-2021-28677

CVE-2021-28678

postgres

CVE-2021-20229

CVE-2021-32027

CVE-2021-3393

postgres-libs

CVE-2021-32027

postgresql-libs

CVE-2019-10208

CVE-2020-25694

CVE-2020-25695

samba-common  
samba-client-libs  
samba-common-libs libwbclient

CVE-2021-20254

screen version

CVE-2021-26937

urllib3

CVE-2021-33503

xterm

CVE-2021-27135

Dell Technologies suosittelee, että kaikki asiakkaat ottavat huomioon sekä CVSS-peruspistemäärän että kaikki asiaankuuluvat väliaikaiset ja ympäristöön liittyvät pisteet, jotka voivat vaikuttaa tietyn tietoturvahaavoittuvuuden mahdolliseen vakavuuteen.

**Tuotteet, joihin asia vaikuttaa ja tilanteen korjaaminen**

**CVEs Addressed**

**Products**

**Affected Versions**

**Updated Versions**

**Link to Update**

CVE-2022-22557

PowerStore T OS  
PowerStore X OS

PowerStore T OS versions 2.0.0.x and 2.0.1.x  
\*PowerStore T OS versions 1.0.x.x are not affected.

PowerStore X OS versions 2.0.0.x and 2.0.1.x  
\*PowerStore X OS versions 1.0.x.x are not affected.

PowerStore T OS Upgrade 2.1.0.0-1561821

PowerStore T OS Upgrade 2.1.0.1-1602345

PowerStore T OS Upgrade 2.1.1.0-1649887

PowerStore X OS Upgrade 2.1.1.0-1649887

https://www.dell.com/support/home/?app=drivers

CVE-2022-22556

PowerStore T OS  
PowerStore X OS

PowerStore T OS versions before PowerStore T OS Upgrade 2.1.0.0-1561821

PowerStore X OS versions before PowerStore X OS Upgrade 2.1.1.0-1649887

PowerStore T OS Upgrade 2.1.0.0-1561821

PowerStore T OS Upgrade 2.1.0.1-1602345

PowerStore T OS Upgrade 2.1.1.0-1649887

PowerStore X OS”  
PowerStore X OS Upgrade 2.1.1.0-1649887

CVE-2021-0148

CVE-2020-28168

CVE-2021-25215

CVE-2021-27219

CVE-2021-33516

CVE-2021-2369

CVE-2021-2388

CVE-2021-2341

CVE-2021-20277

CVE-2021-20254

CVE-2021-23337

CVE-2020-28500

CVE-2020-8203

CVE-2020-25692

CVE-2021-28675

CVE-2021-28676

CVE-2021-25288

CVE-2021-25287

CVE-2021-28677

CVE-2021-28678

CVE-2021-20229

CVE-2021-32027

CVE-2021-3393

CVE-2019-10208

CVE-2020-25694

CVE-2020-25695

CVE-2021-20254

CVE-2021-26937

CVE-2021-33503

CVE-2021-27135

CVE-2022-26867

PowerStore T OS  
PowerStore X OS

PowerStore T OS versions before PowerStore T OS Upgrade 2.1.1.0-1649887

PowerStore X OS versions before PowerStore X OS Upgrade 2.1.1.0-1649887

PowerStore T OS Upgrade 2.1.1.0-1649887

PowerStore X OS Upgrade 2.1.1.0-1649887

CVE-2022-26867

CVE-2021-45105

CVE-2021-44832

CVE-2022-23307

CVE-2022-26868

PowerStore T OS  
PowerStore X OS

PowerStore T OS versions 2.0.0.x, 2.0.1.x and 2.1.0.x  
\*PowerStore T OS versions 1.0.x.x are not affected.

PowerStore X OS versions 2.0.0.x, 2.0.1.x and 2.1.0.x  
\*PowerStore X OS versions 1.0.x.x are not affected.

PowerStore T OS Upgrade 2.1.1.0-1649887

PowerStore X OS Upgrade 2.1.1.0-1649887

CVE-2022-26869

CVE-2022-26870

PowerStore T OS

PowerStore T OS versions 2.1.0.x  
\*PowerStore T OS 1.0.x.x, 2.0.0.x, 2.0.1.x are not affected

PowerStore T OS Upgrade 2.1.1.0-1649887  
 

**CVEs Addressed**

**Products**

**Affected Versions**

**Updated Versions**

**Link to Update**

CVE-2022-22557

PowerStore T OS  
PowerStore X OS

PowerStore T OS versions 2.0.0.x and 2.0.1.x  
\*PowerStore T OS versions 1.0.x.x are not affected.

PowerStore X OS versions 2.0.0.x and 2.0.1.x  
\*PowerStore X OS versions 1.0.x.x are not affected.

PowerStore T OS Upgrade 2.1.0.0-1561821

PowerStore T OS Upgrade 2.1.0.1-1602345

PowerStore T OS Upgrade 2.1.1.0-1649887

PowerStore X OS Upgrade 2.1.1.0-1649887

https://www.dell.com/support/home/?app=drivers

CVE-2022-22556

PowerStore T OS  
PowerStore X OS

PowerStore T OS versions before PowerStore T OS Upgrade 2.1.0.0-1561821

PowerStore X OS versions before PowerStore X OS Upgrade 2.1.1.0-1649887

PowerStore T OS Upgrade 2.1.0.0-1561821

PowerStore T OS Upgrade 2.1.0.1-1602345

PowerStore T OS Upgrade 2.1.1.0-1649887

PowerStore X OS”  
PowerStore X OS Upgrade 2.1.1.0-1649887

CVE-2021-0148

CVE-2020-28168

CVE-2021-25215

CVE-2021-27219

CVE-2021-33516

CVE-2021-2369

CVE-2021-2388

CVE-2021-2341

CVE-2021-20277

CVE-2021-20254

CVE-2021-23337

CVE-2020-28500

CVE-2020-8203

CVE-2020-25692

CVE-2021-28675

CVE-2021-28676

CVE-2021-25288

CVE-2021-25287

CVE-2021-28677

CVE-2021-28678

CVE-2021-20229

CVE-2021-32027

CVE-2021-3393

CVE-2019-10208

CVE-2020-25694

CVE-2020-25695

CVE-2021-20254

CVE-2021-26937

CVE-2021-33503

CVE-2021-27135

CVE-2022-26867

PowerStore T OS  
PowerStore X OS

PowerStore T OS versions before PowerStore T OS Upgrade 2.1.1.0-1649887

PowerStore X OS versions before PowerStore X OS Upgrade 2.1.1.0-1649887

PowerStore T OS Upgrade 2.1.1.0-1649887

PowerStore X OS Upgrade 2.1.1.0-1649887

CVE-2022-26867

CVE-2021-45105

CVE-2021-44832

CVE-2022-23307

CVE-2022-26868

PowerStore T OS  
PowerStore X OS

PowerStore T OS versions 2.0.0.x, 2.0.1.x and 2.1.0.x  
\*PowerStore T OS versions 1.0.x.x are not affected.

PowerStore X OS versions 2.0.0.x, 2.0.1.x and 2.1.0.x  
\*PowerStore X OS versions 1.0.x.x are not affected.

PowerStore T OS Upgrade 2.1.1.0-1649887

PowerStore X OS Upgrade 2.1.1.0-1649887

CVE-2022-26869

CVE-2022-26870

PowerStore T OS

PowerStore T OS versions 2.1.0.x  
\*PowerStore T OS 1.0.x.x, 2.0.0.x, 2.0.1.x are not affected

PowerStore T OS Upgrade 2.1.1.0-1649887  
 

**Versiohistoria****Asiaan liittyvät tiedot**

Dell Security Advisories and Notices  
Dell Vulnerability Response Policy  
CVSS Scoring Guide

Tämän Dell Technologiesin tietoturvatiedotteen tiedot on luettava, ja niiden avulla voidaan välttää tilanteita, jotka voivat johtua tässä kuvatuista ongelmista. Dell Technologiesin tietoturvatiedotteet tuovat tärkeitä tietoturvatietoja haavoittuvuudelle alttiiden tuotteiden käyttäjien tietoon. Dell Technologies arvioi riskin perustuen asennettujen järjestelmien hajautetun joukon keskimääräisiin riskeihin, eikä se välttämättä vastaa paikallisen asennuksen ja yksittäisen ympäristön todellista riskiä. Suositus on, että kaikki käyttäjät ratkaisevat näiden tietojen sovellettavuuden yksittäisten ympäristöjen mukaan ja ryhtyvät tarvittaviin toimenpiteisiin. Tässä esitetyt tiedot annetaan "sellaisenaan" ilman minkäänlaista takuuta. Dell Technologies kiistää kaikki suorat tai epäsuorat takuut, mukaan lukien takuut soveltuvuudesta kaupankäynnin kohteeksi, sopivuudesta tiettyyn käyttötarkoitukseen, omistusoikeudesta ja loukkaamattomuudesta. Dell Technologies, sen tytäryhtiöt tai toimittajat eivät missään tilanteessa ole vastuussa mistään vahingoista, jotka johtuvat tässä asiakirjassa mainituista tiedoista tai toimenpiteistä, joihin käyttäjä päättää ryhtyä. Tämä koskee kaikkia suoria, epäsuoria, satunnaisia, välillisiä, liikevoiton menetykseen liittyviä tai erityisluontoisia vahinkoja, vaikka Dell Technologies tai sen tytäryhtiöt tai toimittajat olisivat saaneet tiedon tällaisten vahinkojen mahdollisuudesta. Jotkin osavaltiot eivät salli satunnaisten tai seuraamuksellisten vahinkojen vastuun poistamista tai rajoittamista, joten edellä mainittua rajoitusta sovelletaan vain lain sallimassa laajuudessa.

PowerStore, PowerStore 1000X, PowerStore 1000T, PowerStore 3000X, PowerStore 3000T, PowerStore 5000X, PowerStore 5000T, PowerStore 500T, PowerStore 7000X, PowerStore 7000T, PowerStore 9000X, PowerStore 9000T, Product Security Information

21 huhtik. 2022

CVE-2022-26869: DSA-2022-014: Dell EMC PowerStore Family Security Update for Multiple Vulnerabilities

TOTOLINK EX1200T V4.1.2cu.5215 contains a denial of service vulnerability in function RebootSystem of the file lib/cste_modules/system which can reboot the system.

Tag

#dos