Lucene search

HistoryJan 17, 2024 - 12:00 a.m.

Dell iDRAC7 Improper Authorization (CVE-2019-3764)

2024-01-1700:00:00

www.tenable.com

dell

idrac7

idrac8

idrac9

improper authorization

cve-2019-3764

remote attack

sensitive information

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

6.4 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

35.5%

JSON

Dell EMC iDRAC7 versions prior to 2.65.65.65, iDRAC8 versions prior to 2.70.70.70 and iDRAC9 versions prior to 3.36.36.36 contain an improper authorization vulnerability. A remote authenticated malicious iDRAC user with low privileges may potentially exploit this vulnerability to obtain sensitive information such as password hashes.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(501894);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/01/18");

  script_cve_id("CVE-2019-3764");

  script_name(english:"Dell iDRAC7 Improper Authorization (CVE-2019-3764)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"Dell EMC iDRAC7 versions prior to 2.65.65.65, iDRAC8 versions prior to
2.70.70.70 and iDRAC9 versions prior to 3.36.36.36 contain an improper
authorization vulnerability. A remote authenticated malicious iDRAC
user with low privileges may potentially exploit this vulnerability to
obtain sensitive information such as password hashes.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  # https://www.dell.com/support/article/sln319317/dsa-2019-137-idrac-improper-authorization-vulnerability?lang=en
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?3d20a91a");
  script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-3764");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/11/07");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/11/07");
  script_set_attribute(attribute:"plugin_publication_date", value:"2024/01/17");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:dell:idrac7_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:dell:idrac8_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:dell:idrac9_firmware");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Dell");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/Dell');

var asset = tenable_ot::assets::get(vendor:'Dell');

var vuln_cpes = {
    "cpe:/o:dell:idrac7_firmware" :
        {"versionEndExcluding" : "2.65.65.65", "family" : "iDRAC7"},
    "cpe:/o:dell:idrac8_firmware" :
        {"versionEndExcluding" : "2.70.70.70", "family" : "iDRAC8"},
    "cpe:/o:dell:idrac9_firmware" :
        {"versionEndExcluding" : "3.36.36.36", "family" : "iDRAC9"}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_WARNING);

VendorProductVersionCPE
dellidrac7_firmwarecpe:/o:dell:idrac7_firmware
dellidrac8_firmwarecpe:/o:dell:idrac8_firmware
dellidrac9_firmwarecpe:/o:dell:idrac9_firmware

Vendor	Product	CPE
dell	idrac7_firmware	cpe:/o:dell:idrac7_firmware
dell	idrac8_firmware	cpe:/o:dell:idrac8_firmware
dell	idrac9_firmware	cpe:/o:dell:idrac9_firmware

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3764

www.nessus.org/u?3d20a91a

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

6.4 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

35.5%

JSON

Related for TENABLE_OT_DELL_CVE-2019-3764.NASL