Platform: dell
Component: dell-emc-integrated-system-for-microsoft-azure-stack-hub
Fixed in: Dell EMC 2204
CVE-2021-36302 represents a critical privilege escalation vulnerability affecting Dell EMC Integrated System for Microsoft Azure Stack Hub. Successful exploitation allows a remote, malicious user with standard-level Just Enough Administration (JEA) credentials to elevate their privileges and potentially gain complete control over the system. This vulnerability impacts versions up to and including Dell EMC 2204, with a fix available in Dell EMC 2204.
The impact of CVE-2021-36302 is severe. An attacker who can obtain standard JEA credentials can leverage this vulnerability to escalate their privileges to a highly privileged account, effectively compromising the entire Azure Stack Hub system. This could lead to unauthorized access to sensitive data, modification of system configurations, deployment of malicious software, and disruption of services. The potential for lateral movement within the Azure Stack Hub environment is significant, as a compromised account can be used to access other resources and systems. The blast radius extends to all data and services hosted on the affected Azure Stack Hub instance.
CVE-2021-36302 is not currently listed in the CISA KEV catalog. Public proof-of-concept exploits are not widely available, but the vulnerability's severity and potential impact warrant careful attention. The vulnerability's reliance on JEA credentials suggests that attackers may target credential theft or misuse as an initial attack vector. The NVD entry was published on 2022-02-09.
Organizations deploying Dell EMC Integrated System for Microsoft Azure Stack Hub, particularly those with less stringent JEA access controls or legacy configurations, are at significant risk. Shared hosting environments utilizing Azure Stack Hub are also vulnerable, as a compromise of one tenant could potentially impact others.
• windows / dell:
Get-WinEvent -FilterHashtable @{LogName='Security'; Id=4624} | Where-Object { $_.Message -match 'JEA' }
• linux / server:
journalctl -u dell-azure-stack-hub -g 'JEA' | grep -i error
• generic web:
curl -I "<azure_stack_hub_url>" | grep -i 'JEA'
EPSS: 0.24% (percentile 48%)
The primary mitigation for CVE-2021-36302 is to upgrade to Dell EMC Integrated System for Microsoft Azure Stack Hub version 2204 or later, which contains the fix. If an immediate upgrade is not feasible, consider restricting JEA access to only authorized personnel and implementing multi-factor authentication (MFA) for JEA accounts. Regularly review JEA policies and audit logs for suspicious activity. Implement network segmentation to limit the potential impact of a compromised account. After upgrade, confirm successful remediation by verifying that the JEA configuration is secure and that no unauthorized privilege escalation attempts are detected in the audit logs.
Upgrade Dell EMC Integrated System for Microsoft Azure Stack Hub to version 2204 or later. This fixes the privilege escalation vulnerability.
CVE-2021-36302 is a critical vulnerability allowing remote attackers with standard JEA credentials to escalate privileges and gain control of Dell EMC Integrated System for Microsoft Azure Stack Hub versions ≤2204.
If you are running Dell EMC Integrated System for Microsoft Azure Stack Hub versions prior to 2204 and have standard JEA credentials accessible, you are potentially affected by this vulnerability.
Upgrade to Dell EMC Integrated System for Microsoft Azure Stack Hub version 2204 or later to remediate the vulnerability. Consider restricting JEA access as an interim measure.
While no widespread exploitation has been publicly confirmed, the vulnerability's severity and potential impact warrant proactive mitigation.
Refer to the official Dell Security Advisory for CVE-2021-36302 on the Dell Support website: [https://www.dell.com/support/kbdoc/en-us/000182439/security-update-for-dell-emc-integrated-system-for-microsoft-azure-stack-hub-cve-2021-36302](https://www.dell.com/support/kbdoc/en-us/000182439/security-update-for-dell-emc-integrated-system-for-microsoft-azure-stack-hub-cve-2021-36302)