Release date:
Updated on:
Affected Systems:
EMC Cloud Tiering Appliance (CTA) <= 9.0
EMC Cloud Tiering Appliance (CTA) <= 7.4
EMC Cloud Tiering Appliance Virtual Edition (CTA/VE) <= 9.0
EMC Cloud Tiering Appliance Virtual Edition (CTA/VE) <= 7.4
Description:
--------------------------------------------------------------------------------
Bugtraq id: 55250
Cve id: CVE-2012-2285
EMC Cloud Tiering Appliance integrates emc vnx and EMC Atmos to automatically layer files to the Cloud by implementing a Hierarchical Storage Policy.
EMC Cloud Tiering Appliance (CTA) has a Security Restriction Bypass Vulnerability. After successful exploitation, attackers can bypass identity authentication and obtain administrator privileges.
<* Source: shiftnumbers.com
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
EMC
---
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.emc.com/archiving/cloud-tiering-appliance.htm