Unsolved
This post is more than 5 years old
5 Posts
0
5987
NFS vulnerability detected
Our security scanner has detected a vulnerability on our OpenManage Enterprise "At least one of the NFS shares exported by the remote server could be mounted by the scanning host. An attacker may be able to leverage this to read (and possibly write) files on remote host."
Has this already been reported?
eapelin
17 Posts
0
March 29th, 2018 15:00
DELL-Rob C
2 Intern
2 Intern
•
2.8K Posts
0
April 2nd, 2018 11:00
Hi and thanks for the question.
This NFS share is internal to the OMEnt appliance and is used in the process of updating the firmware on the iDRACs. The share is set up as readonly and does not contain sensitive information.
Thanks,
Rob
DaleCMWR
5 Posts
0
May 22nd, 2018 07:00
Doesn't matter what it contains, the fact it can be mounted with no credentials makes it a vulnerability. We are in the middle of a PCI DSS audit and it's being flagged, resolve or shutdown.
DELL-Rob C
2 Intern
2 Intern
•
2.8K Posts
0
May 22nd, 2018 12:00
Hi Dale.
Understood. I've passed the feedback along and don't have any updates at this point.
Only thing I can emphasize is that it is a readyonly share with files related to firmware update (so public files). But I know the scanners don't care about that :)
Thanks much,
Rob
ingebm1
1 Message
0
October 17th, 2018 07:00
Is there a way to limit which servers can access the NFS share?
DELL-Abhijit P
Community Manager
Community Manager
•
711 Posts
0
October 17th, 2018 08:00
Hi,
The NFS share used by the appliance is read-only share and unauthorized users cannot write to this share. We are also looking at moving to CIFS share from NFS share for the upcoming release.
Regards
Abhijit
dingdongjr
1 Rookie
1 Rookie
•
2 Posts
0
December 3rd, 2018 06:00
What is the timeline to move it from NFS to CIFS? In the meantime, can a filter be implemented to allow only specified IPs to mount?
Terence
DELL-Rob C
2 Intern
2 Intern
•
2.8K Posts
0
December 3rd, 2018 08:00
Hi there,
It looks like an small update that includes a resolution for the NFS behavior (should be CIFS) will be out in a few weeks. No filtering workaround I'm afraid.
Stay tuned.
Thanks!
Rob
vConn
3 Posts
0
February 20th, 2019 07:00
We are having the same issue. Is there any update?
Paolo456
1 Message
0
February 21st, 2019 06:00
Hi all,
does anybody know if the NFS version used by OpenManage is 4?
This is the only versione allowed by my organization.
Paolo
Cyber-Tech
3 Posts
0
May 1st, 2019 11:00
OME version 3.1 and 3.2 are no longer supporting NFS shares and are now using CIFS
Abhi_Janwalkar
2 Posts
0
August 28th, 2019 02:00
I have appliance version 4.2.0.2258 and still it is flagged with those NFS Vulnerabilities.
Anyone know how this can be fixed.