Unrated severity · NVD Advisory · Published Oct 5, 2023 · Updated Sep 19, 2024

CVE-2023-43070

Description

A path traversal in Dell SmartFabric Storage Software v1.4.0 and earlier lets authenticated users write arbitrary files in the license container.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

Dell SmartFabric Storage Software versions v1.4.0 and earlier contain a path traversal vulnerability (CWE-22) in the HTTP interface. An attacker with valid authentication credentials can leverage this flaw to write or modify files outside the intended directory, specifically within the license container. The vulnerability is present in the Debian packages used for upgrading SmartFabric Storage Software VM deployed on either ESXi or Linux KVM, as well as the standalone packages for those platforms [1].

Exploitation

Exploitation requires network access to the SmartFabric Storage Software HTTP interface and a valid set of credentials. No additional user interaction is needed beyond the authentication step. By crafting HTTP requests with sequences such as ../ in the file path parameter, an authenticated attacker can traverse directories and select arbitrary write locations on the file system within the license container [1].

Impact

Successful exploitation allows an authenticated remote attacker to write or overwrite files at arbitrary locations inside the license container. The impact is primarily on integrity (file modification) and availability (overwriting critical files could disrupt container operation). The scope is limited to the license container and does not extend to the host operating system beyond that container boundary. This could lead to denial of service or unauthorized alteration of licensing-related data [1].

Mitigation

Dell has released version v1.4.1 of the SmartFabric Storage Software Debian package (for ESXi and Linux KVM upgrades) and standalone packages for ESXi and Linux KVM to remediate this vulnerability. Users are advised to upgrade to v1.4.1 immediately. No known workarounds are available for earlier versions; the advisory strongly recommends updating to the fixed release [1].

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

References

1
