EMC CMCNE Directory Traversal Vulnerability (Jan 30, 2014)

EMC Connectrix Manager Converged Network Edition (CMCNE) is a centralized management tool for SAN environments and other product configuration applications. It can be used to control and protect user passwords and port access, monitor port-level statistics, and automatically record system events and networked storage fabric configuration changes.

CMCNE incorporates WildFly, formerly known as JBoss, for its custom web applications. JBoss provides a full Java Enterprise Edition (JEE) stack. The web application module access provided by CMCNE has the following format:

   [filename] [directory]   

An arbitrary file upload vulnerability exists in the EMC Connectrix Manager Converged Network Edition (CMCNE). An unauthenticated user can exploit this vulnerability to copy any file of any type to an arbitrary location on the server, which can lead to information disclosure, denial of service, and eventually arbitrary code execution when combined with other features or vulnerabilities of the product.
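A server-side check that closes this class of flaw, shown as an added example that is not CMCNE or SonicWALL code. The class name, method name and sample inputs are hypothetical, and it assumes the handler receives a client-supplied directory and filename and is meant to write only beneath one fixed upload root.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;

// Added example: hypothetical names, not taken from the product.
public class UploadPathGuard {

    // Resolve a client-supplied directory and filename under a fixed base
    // directory, rejecting anything that would land outside it.
    static Path resolveInside(Path base, String directory, String filename) throws IOException {
        if (directory == null || filename == null || filename.isEmpty()
                || directory.indexOf('\0') >= 0 || filename.indexOf('\0') >= 0) {
            throw new SecurityException("missing or malformed path component");
        }
        // The filename must be a single path element: no separators, no dot entries.
        if (filename.contains("/") || filename.contains("\\")
                || filename.equals(".") || filename.equals("..")) {
            throw new SecurityException("filename is not a plain name");
        }
        Path realBase = base.toRealPath();                  // canonical root, symlinks resolved
        Path dir = realBase.resolve(directory).normalize(); // collapses "..", absolute input replaces base
        if (!dir.startsWith(realBase)) {
            throw new SecurityException("directory escapes upload root");
        }
        // The directory must already exist; toRealPath follows symlinks, so a
        // link inside the root that points elsewhere is caught by the re-check.
        Path realDir = dir.toRealPath();
        if (!realDir.startsWith(realBase)) {
            throw new SecurityException("directory resolves outside upload root");
        }
        return realDir.resolve(filename);
    }

    public static void main(String[] args) throws IOException {
        Path base = Files.createTempDirectory("uploads");       // constructed sample root
        Files.createDirectories(base.resolve("reports/2014"));
        String[][] requests = {                                  // constructed sample inputs
            {"reports/2014", "fabric.xml"}, {"../../deployments", "app.war"},
            {"/etc", "passwd"}, {"reports", "..\\..\\x.jsp"},
        };
        for (String[] r : requests) {
            try {
                System.out.println("ALLOW " + resolveInside(base, r[0], r[1]));
            } catch (SecurityException e) {
                System.out.println("DENY  " + r[0] + " | " + r[1] + " (" + e.getMessage() + ")");
            }
        }
    }
}
```

Only the first sample request is allowed; the other three are denied before any file is written. Path checks of this kind complement, and do not replace, requiring authentication on the upload handler.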

The Dell SonicWALL Threat team has researched this vulnerability and released the following IPS signatures to address this issue.

  • 5550 EMC CMCNE Directory Traversal 1
  • 5630 EMC CMCNE Directory Traversal 2

This vulnerability is tracked as CVE-2013-6810.
