Vulnerabilities > CVE-2019-3764 - Unspecified vulnerability in Dell Idrac7 Firmware, Idrac8 Firmware and Idrac9 Firmware

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

network

low complexity

dell

nessus

NVD

Published: 2019-11-07

Updated: 2020-10-16

Summary

Dell EMC iDRAC7 versions prior to 2.65.65.65, iDRAC8 versions prior to 2.70.70.70 and iDRAC9 versions prior to 3.36.36.36 contain an improper authorization vulnerability. A remote authenticated malicious iDRAC user with low privileges may potentially exploit this vulnerability to obtain sensitive information such as password hashes.

Vulnerable Configurations

Part	Description	Count
OS	Dell Dell Idrac8 Firmware 2.00.00.00 Dell Idrac8 Firmware 2.30.30.30 Dell Idrac8 Firmware 2.52.52.52 Dell Idrac8 Firmware 2.60.60.60 Dell Idrac8 Firmware 2.61.60.60 Dell Idrac9 Firmware 3.00.00.00 Dell Idrac9 Firmware 3.11.11.11 Dell Idrac9 Firmware 3.15.15.15 Dell Idrac9 Firmware 3.15.17.15 Dell Idrac9 Firmware 3.15.19.15 Dell Idrac9 Firmware 3.16.16.16 Dell Idrac9 Firmware 3.17.17.17 Dell Idrac9 Firmware 3.17.18.17 Dell Idrac9 Firmware 3.17.20.17 Dell Idrac9 Firmware 3.18.18.18 Dell Idrac9 Firmware 3.19.19.19 Dell Idrac9 Firmware 3.20.20.20 Dell Idrac9 Firmware 3.20.21.20 Dell Idrac9 Firmware 3.21.21.21 Dell Idrac9 Firmware 3.21.21.22 Dell Idrac9 Firmware 3.21.23.22 Dell Idrac9 Firmware 3.21.24.22 Dell Idrac9 Firmware 3.21.25.22 Dell Idrac9 Firmware 3.21.26.22 Dell Idrac9 Firmware 3.22.22.22 Dell Idrac9 Firmware 3.23.23.23 Dell Idrac9 Firmware 3.24.24.24 Dell Idrac9 Firmware 3.30.30.30 Dell Idrac9 Firmware 3.31.31.31 Dell Idrac9 Firmware 3.32.32.32 Dell Idrac9 Firmware 3.34.34.34 Dell Idrac7 Firmware 1.00.00 Dell Idrac7 Firmware 1.06.06 Dell Idrac7 Firmware 1.10.10 Dell Idrac7 Firmware 1.20.20 Dell Idrac7 Firmware 1.23.23 Dell Idrac7 Firmware 1.37.35 Dell Idrac7 Firmware 1.40.40 Dell Idrac7 Firmware 2.30.30.30 Dell Idrac7 Firmware 2.61.60.60	40

Nessus

NASL family	CGI abuses
NASL id	DRAC_DSA-2019-137.NASL
description	The remote host is running iDRAC8 with a firmware version prior to 2.70.70.70 or iDRAC9 with a firmware version prior to 3.36.36.36 and is therefore affected by an improper authorization vulnerability. A remote, authenticated iDRAC user with low privileges can exploit this vulnerability to obtain sensitive information, such as password hashes. Note that Nessus has not tested for this issue but has instead relied only on the application
last seen	2020-05-21
modified	2019-12-06
plugin id	131730
published	2019-12-06
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/131730
title	Dell iDRAC Improper Authorization (DSA-2019-137)
code	# # (C) Tenable Network Security, Inc. # include('compat.inc'); if (description) { script_id(131730); script_version("1.4"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/20"); script_cve_id("CVE-2019-3764"); script_name(english:"Dell iDRAC Improper Authorization (DSA-2019-137)"); script_set_attribute(attribute:"synopsis", value: "The remote host is affected by an improper authorization vulnerability."); script_set_attribute(attribute:"description", value: "The remote host is running iDRAC8 with a firmware version prior to 2.70.70.70 or iDRAC9 with a firmware version prior to 3.36.36.36 and is therefore affected by an improper authorization vulnerability. A remote, authenticated iDRAC user with low privileges can exploit this vulnerability to obtain sensitive information, such as password hashes. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number."); # https://www.dell.com/support/article/ie/en/iebsdt1/sln319317/dsa-2019-137-idrac-improper-authorization-vulnerability?lang=en script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?1c039c8f"); script_set_attribute(attribute:"solution", value: "Update the remote host to iDRAC8 firmware 2.70.70.70, or iDRAC9 firmware 3.36.36.36, or higher."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-3764"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/11/07"); script_set_attribute(attribute:"patch_publication_date", value:"2019/11/04"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/12/06"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_set_attribute(attribute:"cpe", value:"cpe:/h:dell:remote_access_card"); script_set_attribute(attribute:"cpe", value:"cpe:/h:dell:idrac8"); script_set_attribute(attribute:"cpe", value:"cpe:/h:dell:idrac9"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"CGI abuses"); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("drac_detect.nasl"); script_require_keys("installed_sw/iDRAC"); script_require_ports("Services/www", 443); exit(0); } include('vcf.inc'); include('vcf_extras.inc'); include('http.inc'); port = get_http_port(default:443, embedded:TRUE); app_info = vcf::idrac::get_app_info(port:port); constraints = [ {'idrac':'8', 'min_version':'1.0', 'fixed_version':'2.70.70.70'}, {'idrac':'9', 'min_version':'1.0', 'fixed_version':'3.36.36.36'} ]; vcf::idrac::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);

References

https://www.dell.com/support/article/sln319317/dsa-2019-137-idrac-improper-authorization-vulnerability?lang=en