Two vulnerabilities affecting Dell EMC PowerStore Family Operating System

Dell Technologies is a leading provider of IT storage hardware solutions to promote data backup and recovery and accelerate the journey to cloud computing. Dell EMC PowerStore achieves new levels of operational simplicity and agility, utilizing a container-based architecture, advanced storage technologies, and intelligent automation to unlock the power of your data. Based on a scale-out architecture and hardware-accelerated advanced data reduction, PowerStore is designed to deliver enhanced resource utilization and performance that keeps pace with application and system growth.

The company has released an advisory for the Dell EMC PowerStore Family that contains information about 2 vulnerabilities.

1) Remote Code Execution

CVE-ID: CVE-2021-44228

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system. It exists due to improper input validation when handling LDAP queries. A remote attacker can send a specially crafted request to the application and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the system. Note that the vulnerability has already been exploited in the wild by attackers.

Mitigation

Install the update from the Dell website.

Vulnerable software versions

Dell EMC PowerStore Family Operating System: before 2.0.1.3-1538564


2) Remote Code Execution

CVE-ID: CVE-2021-45046

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to an incomplete patch in Apache Log4j 2.15.0 for a code injection vulnerability #VU58816 (CVE-2021-44228) in certain non-default configurations. A remote attacker with control over Thread Context Map (MDC) input data, when the logging configuration uses a non-default Pattern Layout with either a Context Lookup (for example, $${ctx:loginId}) or a Thread Context Map pattern (%X, %mdc, or %MDC), can pass malicious data using a JNDI Lookup pattern and perform a denial of service (DoS) attack, exfiltrate data or execute arbitrary code.

Later findings demonstrated remote code execution on macOS, but not in any other tested environment.
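To check whether a Log4j 2 XML configuration falls into the non-default Pattern Layout condition described above, the following added example (not code from Dell or Apache) lists every PatternLayout whose pattern uses a Context Lookup or a Thread Context Map converter. The function name `risky_patterns` and the sample configuration are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Context Lookup: ${ctx:key}, also matches the escaped form $${ctx:key}.
CTX_LOOKUP = re.compile(r"\$\{ctx:[^}]*\}")
# Thread Context Map converters %X, %mdc, %MDC, with optional format modifiers.
MDC_CONVERTER = re.compile(r"%-?\d*(?:\.-?\d+)?(?:X|mdc|MDC)")

def risky_patterns(config_xml):
    """Return (appender name, pattern, reasons) for each PatternLayout whose
    pattern writes Thread Context Map data into the log line."""
    root = ET.fromstring(config_xml)
    parent_of = {child: parent for parent in root.iter() for child in parent}
    findings = []
    for layout in root.iter():
        if layout.tag.lower() != "patternlayout":
            continue
        # The pattern is either an attribute or a nested <Pattern> element.
        pattern = next((v for k, v in layout.attrib.items()
                        if k.lower() == "pattern"), None)
        if pattern is None:
            pattern = "".join(c.text or "" for c in layout
                              if c.tag.lower() == "pattern")
        literal_free = pattern.replace("%%", "")  # %% is a literal percent sign
        reasons = []
        if CTX_LOOKUP.search(literal_free):
            reasons.append("context-lookup")
        if MDC_CONVERTER.search(literal_free):
            reasons.append("thread-context-map")
        if reasons:
            appender = parent_of.get(layout)
            name = appender.get("name", "?") if appender is not None else "?"
            findings.append((name, pattern, reasons))
    return findings

# Constructed sample configuration (not taken from PowerStore or any product).
SAMPLE = """<Configuration>
  <Appenders>
    <Console name="Plain"><PatternLayout pattern="%d %-5p %c - %m%n"/></Console>
    <Console name="Audit"><PatternLayout pattern="%d $${ctx:loginId} %m%n"/></Console>
    <File name="App" fileName="app.log">
      <PatternLayout><Pattern>%d [%X{requestId}] %m%n</Pattern></PatternLayout>
    </File>
  </Appenders>
</Configuration>"""

if __name__ == "__main__":
    for name, pattern, reasons in risky_patterns(SAMPLE):
        print(f"{name}: {', '.join(reasons)} in {pattern!r}")
```

An empty result only means the configuration is outside the condition described for CVE-2021-45046; CVE-2021-44228 does not depend on the layout pattern, so the update is still required.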

Mitigation

Install the update from the Dell website.

Vulnerable software versions

Dell EMC PowerStore Family Operating System: before 2.0.1.3-1538564