DaleCMWR
1 Nickel

NFS vulnerability detected

Our security scanner has detected a vulnerability on our OpenManage Enterprise "At least one of the NFS shares exported by the remote server could be mounted by the scanning host. An attacker may be able to leverage this to read (and possibly write) files on remote host."

Has this already been reported?

0 Kudos
10 Replies
eapelin
2 Iron

Re: NFS vulnerability detected

I assume it's designed that way. In setting up my OME appliance, i put it in a network that blocks pretty much everything and I open up access to the OME appliance specifically from the network that i only have idrac's in. I don't see a setting in OMEnt that you can specify NFS mount settings or firewall settings.
0 Kudos

Re: NFS vulnerability detected

Hi and thanks for the question.

This NFS share is internal to the OMEnt appliance and is used in the process of updating the firmware on the iDRACs.  The share is set up as readonly and does not contain sensitive information.

Thanks,

Rob

DELL-Rob C
Social Media Support
#IWork4Dell

0 Kudos
DaleCMWR
1 Nickel

Re: NFS vulnerability detected

Doesn't matter what it contains, the fact it can be mounted with no credentials makes it a vulnerability.  We are in the middle of a PCI DSS audit and it's being flagged, resolve or shutdown.

0 Kudos

Re: NFS vulnerability detected

Hi Dale.

Understood.  I've passed the feedback along and don't have any updates at this point.

Only thing I can emphasize is that it is a readyonly share with files related to firmware update (so public files).  But I know the scanners don't care about that Smiley Happy

Thanks much,

Rob

DELL-Rob C
Social Media Support
#IWork4Dell

0 Kudos
ingebm1
1 Copper

Re: NFS vulnerability detected

Is there a way to limit which servers can access the NFS share?

 

0 Kudos

Re: NFS vulnerability detected

Hi,

The NFS share used by the appliance is read-only share and unauthorized users cannot write to this share. We are also looking at moving to CIFS share from NFS share for the upcoming release.

Regards

Abhijit

0 Kudos
dingdongjr
1 Copper

Re: NFS vulnerability detected

What is the timeline to move it from NFS to CIFS? In the meantime, can a filter be implemented to allow only specified IPs to mount?

 

Terence

0 Kudos
Highlighted

Re: NFS vulnerability detected

Hi there,

It looks like an small update that includes a resolution for the NFS behavior (should be CIFS) will be out in a few weeks.  No filtering workaround I'm afraid.

Stay tuned.

Thanks!

Rob

DELL-Rob C
Social Media Support
#IWork4Dell

0 Kudos
vConn
1 Copper

Re: NFS vulnerability detected

We are having the same issue. Is there any update?

0 Kudos