SB2025052602 - Dell EMC Unity update for third-party components

Security Bulletin ID SB2025052602

Severity

High

Patch available

YES

Number of vulnerabilities 82

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 82 secuirty vulnerabilities.

1) Improper input validation (CVE-ID: CVE-2019-2987)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the 2D component in Java SE. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

2) Improper input validation (CVE-ID: CVE-2019-2978)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the Networking component in Java SE Embedded. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

3) Improper input validation (CVE-ID: CVE-2019-2981)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the JAXP component in Java SE Embedded. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

4) Improper input validation (CVE-ID: CVE-2019-2973)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the JAXP component in Java SE Embedded. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

5) Improper input validation (CVE-ID: CVE-2019-2964)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the Concurrency component in Java SE Embedded. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

6) Improper input validation (CVE-ID: CVE-2019-2992)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the 2D component in Java SE Embedded. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

7) Improper input validation (CVE-ID: CVE-2019-2988)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the 2D component in Java SE Embedded. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

8) Improper input validation (CVE-ID: CVE-2019-2962)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the 2D component in Java SE Embedded. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

9) Improper input validation (CVE-ID: CVE-2019-2996)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The vulnerability exists due to improper input validation within the Deployment component in Java SE Embedded. A remote non-authenticated attacker can exploit this vulnerability to read and manipulate data.

10) Improper input validation (CVE-ID: CVE-2019-2983)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the Serialization component in Java SE Embedded. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

11) Improper input validation (CVE-ID: CVE-2019-2999)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The vulnerability exists due to improper input validation within the Javadoc component in Java SE. A remote non-authenticated attacker can exploit this vulnerability to read and manipulate data.

12) Improper input validation (CVE-ID: CVE-2019-2975)

The vulnerability allows a remote non-authenticated attacker to manipulate or delete data.

The vulnerability exists due to improper input validation within the Scripting component in Java SE Embedded. A remote non-authenticated attacker can exploit this vulnerability to manipulate or delete data.

13) Improper input validation (CVE-ID: CVE-2019-2977)

The vulnerability allows a remote non-authenticated attacker to read memory contents or crash the application.

The vulnerability exists due to improper input validation within the Hotspot component in Java SE. A remote non-authenticated attacker can exploit this vulnerability to read memory contents or crash the application.

14) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2019-11068)

The vulnerability allows a remote attacker to bypass certain security restrictions.

The vulnerability exists due to an error within the xsltCheckRead() and xsltCheckWrite() functions when processing requests from remote servers. A remote attacker can trick the victim into opening a specially crafted URL that will result in "-1 error" code but the URL itself will be processed by the application later.

Successful exploitation of the vulnerability may allow an attacker to bypass certain security restrictions and perform XXE attacks.

15) Improper input validation (CVE-ID: CVE-2019-2958)

The vulnerability allows a remote non-authenticated attacker to manipulate data.

The vulnerability exists due to improper input validation within the Libraries component in Java SE Embedded. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.

16) Improper input validation (CVE-ID: CVE-2019-2989)

The vulnerability allows a remote non-authenticated attacker to manipulate data.

The vulnerability exists due to improper input validation within the Java component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.

17) Improper input validation (CVE-ID: CVE-2019-2949)

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Kerberos component in Java SE Embedded. A remote non-authenticated attacker can exploit this vulnerability to gain access to sensitive information.

18) Improper access control (CVE-ID: CVE-2019-2766)

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N).

19) Improper input validation (CVE-ID: CVE-2019-2894)

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Security component in Java SE Embedded. A remote non-authenticated attacker can exploit this vulnerability to gain access to sensitive information.

20) Improper input validation (CVE-ID: CVE-2019-2933)

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Libraries component in Java SE Embedded. A remote non-authenticated attacker can exploit this vulnerability to gain access to sensitive information.

21) Protection Mechanism Failure (CVE-ID: CVE-2019-2786)

The vulnerability allows a remote attacker to bypass certain restrictions.

The vulnerability exists due to the the AccessController class implementation in the Security component failed in certain cases. A remote attacker can use an untrusted Java application or applet to bypass certain Java sandbox restrictions.

The vulnerability affects openjdk-jre package of an implementation of the Java Platform, Standard Edition (Java SE).

22) Improper input validation (CVE-ID: CVE-2020-2590)

The vulnerability allows a remote non-authenticated attacker to manipulate data.

The vulnerability exists due to improper input validation within the Security component in Java SE Embedded. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.

23) Buffer overflow (CVE-ID: CVE-2019-5953)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when handling Internationalized Resource Identifiers (IRI) during recursive downloading. A remote attacker can trick the victim to connect to a malicious web server, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

24) OS Command Injection (CVE-ID: CVE-2019-12735)

The vulnerability allows a local non-authenticated attacker to execute arbitrary code.

getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assert_fails or nvim_input in Neovim.

25) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2019-14287)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists in the implementation of the "sudo" application when processing commands that are configured to run with ALL keyword. A local user with privileges to use sudo for specific applications on the system can escalate privileges and run the application as root (even if precisely restricted), if user id "-1" or "4294967295" is used.

Example:

The following entry instructs sudo to allow user bob to run "/usr/bin/id" command as any user on the system but root:

myhost bob = (ALL, !root) /usr/bin/id

The following command will allow bob execute the "/usr/bin/id" command as root:

sudo -u#-1 id -u

26) Buffer overflow (CVE-ID: CVE-2017-2518)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to buffer overflow when processing SQL queries. A remote attacker can send specially crafted SQL queries, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability may allow an attacker to gain complete control over affected system.

27) Buffer overflow (CVE-ID: CVE-2020-8597)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the "eap_request" and "eap_response" functions in "eap.c" file in pppd. A remote attacker can trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

28) Improper input validation (CVE-ID: CVE-2020-2583)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the Serialization component in Java SE Embedded. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

29) Improper input validation (CVE-ID: CVE-2020-2659)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the Networking component in Java SE Embedded. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

30) Improper input validation (CVE-ID: CVE-2020-2654)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the Libraries component in Java SE. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

31) Improper input validation (CVE-ID: CVE-2019-2945)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the Networking component in Java SE Embedded. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

32) Improper input validation (CVE-ID: CVE-2020-2593)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The vulnerability exists due to improper input validation within the Networking component in Java SE Embedded. A remote non-authenticated attacker can exploit this vulnerability to read and manipulate data.

33) Improper input validation (CVE-ID: CVE-2020-2655)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The vulnerability exists due to improper input validation within the JSSE component in Java SE. A remote non-authenticated attacker can exploit this vulnerability to read and manipulate data.

34) Improper input validation (CVE-ID: CVE-2020-2585)

The vulnerability allows a remote non-authenticated attacker to manipulate data.

The vulnerability exists due to improper input validation within the JavaFX component in Java SE. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.

35) Improper input validation (CVE-ID: CVE-2020-2601)

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Security component in Java SE Embedded. A remote non-authenticated attacker can exploit this vulnerability to gain access to sensitive information.

36) Information disclosure (CVE-ID: CVE-2019-13118)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to uninitialized stack data exposure in numbers.c in libxslt library when processing an invalid character/length combination in xsltNumberFormatDecimal. A remote attacker can gain pass specially crafted data to the application using the affected library and gain access to sensitive information.

37) Information disclosure (CVE-ID: CVE-2019-13117)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to information disclosure in numbers.c in libxslt library where an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. A remote attacker can gain knowledge whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character.

38) Division by zero (CVE-ID: CVE-2019-16168)

The vulnerability allows a remote attacker to perform a denial of service attack.

The vulnerability exists due to a division by zero error within the whereLoopAddBtreeIndex in sqlite3.c due to improper input validation in the sqlite_stat1 sz field. A remote attacker can pass specially crafted data to the application, trigger division by zero error and crash the vulnerable application.

39) Improper input validation (CVE-ID: CVE-2020-2604)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The vulnerability exists due to improper input validation within the Java component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to execute arbitrary code.

40) Improper input validation (CVE-ID: CVE-2019-2818)

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Security component in Java SE. A remote non-authenticated attacker can exploit this vulnerability to gain access to sensitive information.

41) Input validation error (CVE-ID: CVE-2019-2842)

The vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability applies to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., via a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts).

42) Heap-based buffer overflow (CVE-ID: CVE-2012-6711)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the ansicstr() function in lib/sh/strtrans.c when wide characters, not supported by the current locale set in the LC_CTYPE environment variable, are printed through the echo built-in function. A local user can trigger a heap-based buffer overflow and escalate privileges on the system.

43) NULL pointer dereference (CVE-ID: CVE-2018-18606)

The vulnerability allows a remote attacker to crash the application.

The vulnerability exists due to NULL pointer dereference within the merge_strings() function in merge.c. A remote attacker can trick the victim into processing a specially crafted file and crash the application.

44) Heap-based buffer overflow (CVE-ID: CVE-2018-19931)

The vulnerability allows a local attacker to cause DoS condition on the target system.

The vulnerability exists due to heap-based buffer overflow in the bfd_elf32_swap_phdr_in function, as defined in the elfcode.h source code file when handling malicious input. A local attacker can supply a specially crafted file that may trigger memory corruption and cause the service to crash.

45) Resource exhaustion (CVE-ID: CVE-2018-17985)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption problem caused by the cplus_demangle_type function making recursive calls to itself in certain scenarios involving many 'P' characters.

46) Buffer overflow (CVE-ID: CVE-2018-17358)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error when processing ELF files within the _bfd_stab_section_find_nearest_line() function in syms.c in Binary File Descriptor (BFD) library (aka libbfd). A remote attacker can create a specially crafted ELF file, pass it to the affected application and trigger invalid memory access, resulting in denial of service conditions.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

47) Integer overflow (CVE-ID: CVE-2018-1000876)

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The vulnerability exists due to integer overflow in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc. A local attacker can trigger heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

48) Integer overflow (CVE-ID: CVE-2018-19932)

The vulnerability allows a local attacker to cause DoS condition on the target system.

The vulnerability exists due to integer overflow in the IS_CONTAINED_BY_LMAfunction, as defined in the elf.c source code file when handling malicious input. A local attacker can map a section to a segment, trigger an infinite loop condition, resulting in a DoS condition.

49) Buffer overflow (CVE-ID: CVE-2018-17359)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in bfd_zalloc in opncls.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.

50) Out-of-bounds read (CVE-ID: CVE-2018-18605)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the sec_merge_hash_lookup() function in merge.c. A remote attacker can pass a specially crafted ELF file to the application and crash it.

51) Memory corruption (CVE-ID: CVE-2018-18309)

The vulnerability allows a local attacker to cause DoS condition on the target system.

The vulnerability exists due to invalid memory address dereference in the read_relocfunction, as defined in the reloc.c source code after boundary error in the _bfd_clear_contents function. A local attacker can submit malicious input using the objdump command, trigger a segmentation fault and cause the affected application to crash.

52) Integer overflow (CVE-ID: CVE-2019-11477)

The vulnerability allows a remote attacker to perform denial of service (DoS) attack.

The vulnerability exists due to integer overflow when handling TCP Selective Acknowledgments (SACKs) due to incorrect processing of TCP_SKB_CB(skb)->tcp_gso_segs value in Linux kernel. A remote non-authenticated attacker can send specially crafted network traffic to the affected system, trigger integer overflow and render the system unavailable.

Successful exploitation of the vulnerability allows a remote attacker to perform denial of service (DoS) attack.

53) Buffer overflow (CVE-ID: CVE-2019-1010180)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing ELF files. A remote attacker can create a specially crafted file, trick the victim into opening it with a debugger, trigger memory corruption and execute arbitrary code on the target system.

54) NULL pointer dereference (CVE-ID: CVE-2018-18607)

The vulnerability allows a remote attacker to crash the application.

The vulnerability exists due to NULL pointer dereference within the elf_link_input_bfd() function in elflink.c. A remote attacker can trick the victim into processing a specially crafted file and crash the application.

55) NULL pointer dereference (CVE-ID: CVE-2018-20651)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in elf_link_add_object_symbols in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd). A remote attacker can supply a specially crafted ELF file and perform a denial of service (DoS) attack.

56) Heap-based buffer overflow (CVE-ID: CVE-2018-20671)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to integer overflow in load_specific_debug_section in objdump.c. A remote attacker can supply a specially crafted section size, trigger heap-based buffer overflow and perform a denial of service (DoS) attack.

57) Use-after-free (CVE-ID: CVE-2018-20623)

The vulnerability allows a remote attacker to cause DoS condition or execute arbitrary code.

The vulnerability exists due to use-after-free in the error function in elfcomm.c when called from the process_archive function in readelf.c. A remote attacker can supply a specially crafted ELF file, trigger heap-based buffer overflow and cause the service to crash or execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

58) Integer overflow (CVE-ID: CVE-2018-18483)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt.

59) Input validation error (CVE-ID: CVE-2018-17360)

The vulnerability allows an attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can cause a denial of service via a crafted PE file.

60) Resource exhaustion (CVE-ID: CVE-2018-18484)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there is a stack consumption problem caused by recursive stack frames: cplus_demangle_type, d_bare_function_type, d_function_type.

61) Improper Authentication (CVE-ID: CVE-2019-12749)

The vulnerability allows a an attacker to bypass authentication process.

The vulnerability exists due to an error when handling symlinks within the reference implementation of DBUS_COOKIE_SHA1 in the libdbus library. A malicious client with access to to its own home directory can manipulate a ~/.dbus-keyrings symlink to cause a DBusServer with a different uid to read and write into unintended locations.

Successful exploitation of the vulnerability may allow an attacker to bypass DBUS_COOKIE_SHA1 authentication mechanis.

62) Resource exhaustion (CVE-ID: CVE-2019-11478)

The vulnerability allows a remote attacker to perform denial of service (DoS) attack.

The vulnerability exists due to an error when processing TCP Selective Acknowledgment (SACK) sequences within the Linux kernel TCP retransmission queue implementation in tcp_fragment. A remote non-authenticated attacker can send specially crafted network traffic to the affected system and perform a denial of service (DoS) attack.

63) Improper access control (CVE-ID: CVE-2019-2816)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).

64) Use of a broken or risky cryptographic algorithm (CVE-ID: CVE-2019-1559)

The vulnerability allows a remote attacker to decrypt sensitive information.

The vulnerability exists due to the way an application behaves, when it receives a 0-byte record with invalid padding compared to the record with an invalid MAC, which results in padding oracle. A remote attacker can decrypt data.

Successful exploitation of the vulnerability requires that the application is using "non-stitched" ciphersuites and calls SSL_shutdown() twice (first, via a BAD_RECORD_MAC and again via a CLOSE_NOTIFY).

65) Improper access control (CVE-ID: CVE-2019-2745)

The vulnerability allows a local non-authenticated attacker to gain access to sensitive information.

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 7u221, 8u212 and 11.0.3. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE executes to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).

66) Input validation error (CVE-ID: CVE-2019-2769)

The vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., via a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.3 (Availability impacts).

67) Input validation error (CVE-ID: CVE-2019-2762)

The vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., via a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.3 (Availability impacts).

68) Improper input validation (CVE-ID: CVE-2019-2821)

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

The vulnerability exists due to improper input validation within the JSSE component in Java SE. A remote non-authenticated attacker can exploit this vulnerability to gain access to sensitive information.

69) Information disclosure (CVE-ID: CVE-2019-2422)

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to unspecified flaw in Libraries component. A remote attacker can gain access to sensitive information on the system.

70) Denial of service (CVE-ID: CVE-2019-2449)

The vulnerability allows a remote attacker to cause DoS condition.

The weakness exists due to unspecified flaw in Deployment component. A remote attacker cause the service to crash.

71) Information disclosure (CVE-ID: CVE-2019-2426)

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to unspecified flaw in Networking component. A remote attacker read arbitrary data.

72) Division by zero (CVE-ID: CVE-2018-11212)

The vulnerability allows a remote attacker to cause DoS condition.

The weakness exists due to division by zero error within the libjpeg library within the libjpeg-turbo in alloc_sarray() function of jmemmgr.c file. A remote attacker can pass a specially crafted file the to affected application and cause application to crash.

73) Padding oracle attack (CVE-ID: CVE-2019-1563)

The vulnerability allows a remote attacker to perform padding oracle attack.

The vulnerability exists due to possibility to perform a Bleichenbacher padding oracle attack against the RSA key, in situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker. A remote attacker can send a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key.

74) Resource exhaustion (CVE-ID: CVE-2019-11479)

The vulnerability allows a remote attacker to perform denial of service (DoS) attack.

The vulnerability exists due to presence of hard-coded MSS value (48 bytes) in the Linux kernel source code. A remote attacker can fragment TCP resend queues significantly more than if a larger MSS were enforced and perform denial of service (DoS) attack.

75) Cryptographic issues (CVE-ID: CVE-2019-1547)

The vulnerability allows a remote attacker to decrypt traffic.

The vulnerability exists due to insufficient enforcement of side channel resistant code paths. A remote attacker with ability to create a large number of signatures, where explicit parameters with no co-factor is present, can force the application to fall back to non-side channel resistant code pathsduring ECDSA signature operation and perform full key recovery.

Successful exploitation of the vulnerability may allow an attacker to decrypt communication between server and client.

76) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2019-3689)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to insecure permissions on the " /var/lib/nfs" directory owned by statd:nogroup in the nfs-utils package in SUSE Linux Enterprise Server 12 before and including version 1.3.0-34.18.1 and in SUSE Linux Enterprise Server 15 before and including version 2.1.1-6.10.2. This directory contains files owned and managed by root. If statd is compromised, it can therefore trick processes running with root privileges into creating/overwriting files anywhere on the system.

Successful exploitation of the vulnerability may allow a local user to escalate privileges on the system.

77) Integer overflow (CVE-ID: CVE-2019-17498)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack or access sensitive information.

The vulnerability exists due to integer overflow in the "SSH_MSG_DISCONNECT" logic in "packet.c" in a bounds check. A remote attacker can specify an arbitrary (out-of-bounds) offset for a subsequent memory read, trigger out-of-bounds read, disclose sensitive information or cause a denial of service condition on the target system when a user connects to the malicious SSH server.

78) Use-after-free (CVE-ID: CVE-2019-7317)

The vulnerability allows a remote attacker to cause DoS condition.

The vulnerability exists due to a use-after-free memory error in the png_image_free function, as defined in the png.c source code file when calling on png_safe_execute. A remote attacker can send specially crafted data, trigger a call on png_safe_execute and trigger memory corruption, resulting in a DoS condition.

79) Input validation error (CVE-ID: CVE-2017-12652)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in libpng when checking the chuck length against the user limit. A remote attacker can supply a specially crafted PNG image and crash the affected application.

80) Out-of-bounds read (CVE-ID: CVE-2018-16301)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition in libpcap when during pcapng reading. A remote attacker can pass specially crafted data to the application that uses the affected library, trigger out-of-bounds read error and read contents of memory on the system or crash the application.

81) Buffer overflow (CVE-ID: CVE-2019-15165)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the sf-pcapng.c in libpcap when processing the PHB header length before allocating memory. A remote attacker can pass specially crafted data to the application that uses the vulnerable library, trigger memory corruption and perform denial of service (DoS) attack.

82) Integer overflow (CVE-ID: CVE-2019-2201)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow in tjbench.c when handling JPEG images. A remote attacker can create a specially crafted JPEG image, pass it to the affected application, trigger integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Remediation

Install update from vendor's website.

References

https://www.dell.com/support/kbdoc/nl-nl/000001839/dsa-2020-132-dell-emc-unity-family-dell-emc-unity-vsa-family-dell-emc-unity-xt-family-security-update-for-multiple-third-party-components

SB2025052602 - Dell EMC Unity update for third-party components

Breakdown by Severity

Description

Remediation

References

Please verify you're human