Dell EMC Storage Monitoring and Reporting·´ÐòÁл¯´úÂëÖ´ÐÐÎó²îÇ徲ͨ¸æ

Ðû²¼Ê±¼ä 2019-12-02

Îó²î±àºÅºÍ¼¶±ð


CVE±àºÅ£ºCVE-2019-18580£¬£¬£¬£¬£¬£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ£¬£¬£¬£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º9.8£¬£¬£¬£¬£¬£¬¹Ù·½Î´ÆÀ¶¨


Ó°Ïì°æ±¾


Dell EMC Storage Monitoring and Reporting 4.3.1°æ±¾


Îó²î¸ÅÊö


Dell EMC Storage Monitoring and ReportingÊÇÃÀ¹ú´÷¶û£¨Dell£©¹«Ë¾µÄÒ»Ì×´æ´¢ÐÔÄܼà¿ØÈí¼þ¡£¡£¡£ ¡£¡£¸ÃÈí¼þÌṩ´æ´¢ÐÔÄܼà¿ØºÍ±¨¸æÌìÉúµÈ¹¦Ð§¡£¡£¡£ ¡£¡£


Dell EMC Storage Monitoring and Reporting 4.3.1°æ±¾Öб£´æ´úÂëÎÊÌâÎó²î¡£¡£¡£ ¡£¡£Ô¶³Ì¹¥»÷Õß¿Éͨ¹ý·¢ËÍÌØÖƵÄRMIÇëÇóʹÓøÃÎó²îÔÚÄ¿µÄÖ÷»úÉÏÖ´ÐÐí§Òâ´úÂë¡£¡£¡£ ¡£¡£


Java RMIЧÀÍÖб£´æÌض¨È±ÏÝ£¬£¬£¬£¬£¬£¬¸ÃЧÀÍĬÈÏÇéÐÎÏÂÕìÌýTCP¶Ë¿Ú52569¡£¡£¡£ ¡£¡£ ¸ÃÎÊÌâÊÇÓÉÓÚȱ·¦¶ÔÓû§ÌṩµÄÊý¾ÝµÄ׼ȷÑéÖ¤¶øµ¼ÖµÄ£¬£¬£¬£¬£¬£¬Õâ¿ÉÄܵ¼Ö²»ÐÅÈÎÊý¾ÝµÄ·´ÐòÁл¯¡£¡£¡£ ¡£¡£


Îó²îÑéÖ¤


ÔÝÎÞPOC/EXP¡£¡£¡£ ¡£¡£


ÐÞ¸´½¨Òé


ÏÖÔÚ³§ÉÌÒÑÐû²¼Éý¼¶²¹¶¡ÒÔÐÞ¸´Îó²î£¬£¬£¬£¬£¬£¬²¹¶¡»ñÈ¡Á´½Ó£ºhttps://www.dell.com/support/security/zh-cn/details/538977/DSA-2019-176-Dell-EMC-Storage-Monitoring-and-Reporting-SMR-Java-RMI-Deserialization-of-Untruste¡£¡£¡£ ¡£¡£


²Î¿¼Á´½Ó


https://www.zerodayinitiative.com/advisories/ZDI-19-996/