Dell Foundation Services 'Service Tag' Remote Information Disclosure

Published: 2015-12-03 09:52:22

CVSS Base Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N

Summary:
An issue in Dell Foundation Services, version 2.3.3800.0A00 and below, can be exploited by a malicious website to leak the Dell service tag of a Dell system, which can be used for tracking purposes, or for social engineering.

Detection Method:
Send a HTTP GET request and check the response.

Recommendations:
Update to a Dell Foundation Services > 2.3.3800.0A00 or uninstall Dell Foundation Services

Technical Details:
Dell Foundation Services starts a HTTPd that listens on port 7779. Generally, requests to the API exposed by this HTTPd must be requests signed using a RSA-1024 key and hashed with SHA512. One of the JSONP API endpoints to obtain the service tag does not need a valid signature to be provided. Thus, any website can call it.

Affected Versions:
Dell Foundation Services 2.3.3800.0A00 and below.

Detection Type:
remote_active

Solution Type:
Vendor Patch

References:

http://lizardhq.rum.supply/2015/11/25/dell-foundation-services.html

Search
Severity
Medium
CVSS Score
5.0

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities. It is free and always will be.