Vulnerability Details : CVE-2018-1216
A hard-coded password vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management (eManagement): Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.18, Dell EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.21, Dell EMC VASA Virtual Appliance versions prior to 8.4.0.514, and Dell EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4 (Enginuity Release 5977.1125.1125 and earlier). They contain an undocumented default account (smc) with a hard-coded password that may be used with certain web servlets. A remote attacker with the knowledge of the hard-coded password and the message format may use vulnerable servlets to gain unauthorized access to the system. Note: This account cannot be used to log in via the web user interface.
Vulnerability category: Bypass
Products affected by CVE-2018-1216
- cpe:2.3:a:dell:emc_vmax_embedded_management:*:*:*:*:*:*:*:*
- cpe:2.3:a:dell:emc_solutions_enabler_virtual_appliance:*:*:*:*:*:*:*:*
- cpe:2.3:a:dell:emc_unisphere_for_vmax_virtual_appliance:*:*:*:*:*:*:*:*
- cpe:2.3:a:dell:emc_vasa_virtual_appliance:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-1216
26.14%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 96 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-1216
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST | |
9.8
|
CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2018-1216
-
The product contains hard-coded credentials, such as a password or cryptographic key.Assigned by: nvd@nist.gov (Primary)
References for CVE-2018-1216
-
http://seclists.org/fulldisclosure/2018/Feb/41
Full Disclosure: DSA-2018-024: Dell EMC VMAX Virtual Appliance (vApp) Manager Multiple VulnerabilitiesMailing List;Third Party Advisory
-
http://www.securitytracker.com/id/1040383
Dell EMC Unisphere VMAX Default Account Lets Remote Users Access the System and Web Server Flaw Lets Remote Authenticated Users Upload Arbitrary Files - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www.securityfocus.com/bid/103039
Multiple Dell EMC Products Arbitrary File Upload and Security Bypass VulnerabilitiesThird Party Advisory;VDB Entry
-
https://www.tenable.com/security/research/tra-2018-03
[R2] EMC VASA Virtual Appliance Default Creds and Arbitrary File Upload - Research Advisory | Tenable®Third Party Advisory
Jump to