Help
  • Explore Community
  • Get Started
  • Ask the Community
  • How-To & Best Practices
  • Contact Support
Notifications
Login / Register
Community
Community
Notifications
close
  • Forums
  • Knowledge Center
  • Events & Webinars
  • Ideas
  • Blogs
Help
Help
  • Explore Community
  • Get Started
  • Ask the Community
  • How-To & Best Practices
  • Contact Support
Login / Register
Sustainability
Sustainability

We Value Your Feedback!
Could you please spare a few minutes to share your thoughts on Cloud Connected vs On-Premise Services. Your feedback can help us shape the future of services.
Learn more about the survey or Click here to Launch the survey
Schneider Electric Services Innovation Team!

DCE/DCO vulnerable to CVE-2017-1000253 ?

EcoStruxure IT forum

Schneider Electric support forum about installation and configuration for DCIM including EcoStruxure IT Expert, IT Advisor, Data Center Expert, and NetBotz

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
  • Home
  • Schneider Electric Community
  • EcoStruxure IT
  • EcoStruxure IT forum
  • DCE/DCO vulnerable to CVE-2017-1000253 ?
Options
  • Subscribe to RSS Feed
  • Mark Topic as New
  • Mark Topic as Read
  • Float this Topic for Current User
  • Bookmark
  • Subscribe
  • Mute
  • Printer Friendly Page
Invite a Co-worker
Send a co-worker an invite to the portal.Just enter their email address and we'll connect them to register. After joining, they will belong to the same company.
You have entered an invalid email address. Please re-enter the email address.
This co-worker has already been invited to the Exchange portal. Please invite another co-worker.
Please enter email address
Send Invite Cancel
Invitation Sent
Your invitation was sent.Thanks for sharing Exchange with your co-worker.
Send New Invite Close
Top Experts
User Count
Cory_McDonald
Admiral Cory_McDonald Admiral
124
Jef
Admiral Jef Admiral
109
gsterling
Captain gsterling Captain
71
APC_Steve
Captain APC_Steve Captain
62
View All

Invite a Colleague

Found this content useful? Share it with a Colleague!

Invite a Colleague Invite
Solved Go to Solution
Back to EcoStruxure IT forum
Solved
DCIM_Support
Picard DCIM_Support
Picard

Posted: ‎2020-07-04 12:07 AM . Last Modified: ‎2024-04-05 04:41 AM

0 Likes
7
880
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2020-07-04 12:07 AM . Last Modified: ‎2024-04-05 04:41 AM

DCE/DCO vulnerable to CVE-2017-1000253 ?

I read about CVE-2017-1000253.  Are we using an affected version of CentOS or any of the other affected LTS Linux distros?

 

http://www.zdnet.com/article/serious-linux-kernel-security-bug-fixed/

 

(CID:126158509)

Labels
  • Labels:
  • Data Center Expert
  • Data Center Operation
Reply

Link copied. Please paste this link to share this article on your social media post.

  • All forum topics
  • Previous Topic
  • Next Topic

Accepted Solutions
DCIM_Support
Picard DCIM_Support
Picard

Posted: ‎2020-07-04 12:07 AM . Last Modified: ‎2024-04-05 04:41 AM

0 Likes
0
880
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2020-07-04 12:07 AM . Last Modified: ‎2024-04-05 04:41 AM

Hi Cees de Vogel,

On the one hand, according to official information from Red Hat CVE Database we have:

On the other hand, for the latest DCE-7.4.3, according to the information on page Software packages in StruxureWare Data Center Expert, we have:

The StruxureWare Data Center Expert 7.4.0/7.4.1/7.4.3 server OS is CentOS 6.8 (64bit).

kernel 2.6.32-642.4.2.el6
kernel-firmware 2.6.32-642.4.2.el6

Accordingly, the latest DCE software does have the above mentioned vulnerability. And since DCE software is a closed black box, we just have to wait for the new version of DCE software with security fixes...

But with the latest DCO-8.1, everything is much simpler: the installation ISO-image of DCO-8.1 contains CentOS-7.3 and kernel-3.10.0-514.10.2.el7. That is, in this configuration, the latest DCO software also has the above mentioned vulnerability. But this vulnerability can be easily avoided in two ways:

-- Or upgrade the OS of DCO appliance to the current version CentOS-7.4, which was released in early September 2017. You can upgrade it either online (if you have Internet access) or offline (if the DCO appliance is isolated), after downloading the upgrade packages or ISO-image from the official CentOS website. The upgrade process is standard for RHEL/CentOS and can be performed both with the web-GUI webmin and with the Linux console using, for example, the yum command.

-- Or deploy a new server with a fresh installation of CentOS-7.4, and then follow the instructions on page Installing DCO on Red Hat Enterprise Linux 7 to install the latest DCO-8.1 software. This option is preferred for testing the compatibility of the latest DCO software with OS CentOS-7.4. In addition, it is possible to deploy the backup data from DCO software to this new configuration and work with it in the future.

I hope this helps you.

(CID:126158990)

See Answer In Context

Reply

Link copied. Please paste this link to share this article on your social media post.

Replies 7
DCIM_Support
Picard DCIM_Support
Picard

Posted: ‎2020-07-04 12:07 AM . Last Modified: ‎2024-04-05 04:41 AM

0 Likes
0
880
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2020-07-04 12:07 AM . Last Modified: ‎2024-04-05 04:41 AM

Hi Cees,

On the CVE wensite, that comes up as not found. Can you verify if that is the correct number or not.

Thanks

(CID:126158552)

Reply

Link copied. Please paste this link to share this article on your social media post.

DCIM_Support
Picard DCIM_Support
Picard

Posted: ‎2020-07-04 12:07 AM . Last Modified: ‎2024-04-05 04:41 AM

0 Likes
0
880
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2020-07-04 12:07 AM . Last Modified: ‎2024-04-05 04:41 AM

Hi John,

I just looked at both his links, and the CVE returns a not-found, but, the zdnet article delivers a description of the bug. 

I am unsure of the serverity of the bug, as a zdnet user also commented on the article.

Best regards

(CID:126158887)

Reply

Link copied. Please paste this link to share this article on your social media post.

DCIM_Support
Picard DCIM_Support
Picard

Posted: ‎2020-07-04 12:07 AM . Last Modified: ‎2024-04-05 04:41 AM

0 Likes
0
881
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2020-07-04 12:07 AM . Last Modified: ‎2024-04-05 04:41 AM

Hi Cees de Vogel,

On the one hand, according to official information from Red Hat CVE Database we have:

On the other hand, for the latest DCE-7.4.3, according to the information on page Software packages in StruxureWare Data Center Expert, we have:

The StruxureWare Data Center Expert 7.4.0/7.4.1/7.4.3 server OS is CentOS 6.8 (64bit).

kernel 2.6.32-642.4.2.el6
kernel-firmware 2.6.32-642.4.2.el6

Accordingly, the latest DCE software does have the above mentioned vulnerability. And since DCE software is a closed black box, we just have to wait for the new version of DCE software with security fixes...

But with the latest DCO-8.1, everything is much simpler: the installation ISO-image of DCO-8.1 contains CentOS-7.3 and kernel-3.10.0-514.10.2.el7. That is, in this configuration, the latest DCO software also has the above mentioned vulnerability. But this vulnerability can be easily avoided in two ways:

-- Or upgrade the OS of DCO appliance to the current version CentOS-7.4, which was released in early September 2017. You can upgrade it either online (if you have Internet access) or offline (if the DCO appliance is isolated), after downloading the upgrade packages or ISO-image from the official CentOS website. The upgrade process is standard for RHEL/CentOS and can be performed both with the web-GUI webmin and with the Linux console using, for example, the yum command.

-- Or deploy a new server with a fresh installation of CentOS-7.4, and then follow the instructions on page Installing DCO on Red Hat Enterprise Linux 7 to install the latest DCO-8.1 software. This option is preferred for testing the compatibility of the latest DCO software with OS CentOS-7.4. In addition, it is possible to deploy the backup data from DCO software to this new configuration and work with it in the future.

I hope this helps you.

(CID:126158990)

Reply

Link copied. Please paste this link to share this article on your social media post.

DCIM_Support
Picard DCIM_Support
Picard

Posted: ‎2020-07-04 12:08 AM . Last Modified: ‎2024-04-05 04:41 AM

0 Likes
0
880
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2020-07-04 12:08 AM . Last Modified: ‎2024-04-05 04:41 AM

Hi John, Benjamin & Spezialist,

 

THX for you're reply, yes the first link is broken but when using Google there is enough information to find:

what is the official Schneider answer in this case, is our software affected and if yes when will it be fixed 😀

(CID:126159103)

Reply

Link copied. Please paste this link to share this article on your social media post.

DCIM_Support
Picard DCIM_Support
Picard

Posted: ‎2020-07-04 12:08 AM . Last Modified: ‎2024-04-05 04:41 AM

0 Likes
0
880
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2020-07-04 12:08 AM . Last Modified: ‎2024-04-05 04:41 AM

Hi Cees de Vogel,

In engineering (on DCO) we cannot find this as affecting the product delivered by Schneider. This is as the customer/user has the responsibility for the user access to the server, which they have created at startup. And this attack requires a active user-access to the server, as stated in the first comment on the zdnet article you've linked to. 

*This is not a official answer, but, engineerings take on this specific vulnerability. 

(CID:126159122)

Reply

Link copied. Please paste this link to share this article on your social media post.

DCIM_Support
Picard DCIM_Support
Picard

Posted: ‎2020-07-04 12:08 AM . Last Modified: ‎2024-04-05 04:41 AM

0 Likes
0
880
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2020-07-04 12:08 AM . Last Modified: ‎2024-04-05 04:41 AM

THX Benjamin 

(CID:126159148)

Reply

Link copied. Please paste this link to share this article on your social media post.

DCIM_Support
Picard DCIM_Support
Picard

Posted: ‎2020-07-04 12:08 AM . Last Modified: ‎2023-10-22 01:15 AM

0 Likes
0
880
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2020-07-04 12:08 AM . Last Modified: ‎2023-10-22 01:15 AM

superhero.png

This question is closed for comments. You're welcome to start a new topic if you have further comments on this issue.

Reply

Link copied. Please paste this link to share this article on your social media post.

To The Top!

Forums

  • APC UPS Data Center Backup Solutions
  • EcoStruxure IT
  • EcoStruxure Geo SCADA Expert
  • Metering & Power Quality
  • Schneider Electric Wiser

Knowledge Center

Events & webinars

Ideas

Blogs

Get Started

  • Ask the Community
  • Community Guidelines
  • Community User Guide
  • How-To & Best Practice
  • Experts Leaderboard
  • Contact Support
Brand-Logo
Subscribing is a smart move!
You can subscribe to this board after you log in or create your free account.
Forum-Icon

Create your free account or log in to subscribe to the board - and gain access to more than 10,000+ support articles along with insights from experts and peers.

Register today for FREE

Register Now

Already have an account? Login

Terms & Conditions Privacy Notice Change your Cookie Settings © 2025 Schneider Electric

This is a heading

With achievable small steps, users progress and continually feel satisfaction in task accomplishment.

Usetiful Onboarding Checklist remembers the progress of every user, allowing them to take bite-sized journeys and continue where they left.

of