Summary
The host is running Verax Network Management System and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow remote attackers to bypass certain security restrictions, perform unauthorized actions and obtain sensitive information.
This may aid in launching further attacks.
Impact Level: Application
Solution
Upgrade to Verax NMS 2.1.0 or later,
For updates refer to http://www.veraxsystems.com/en/products/nms
Insight
- An improper restricting access to certain actions via Action Message Format (AMF), which can be exploited to retrieve user information by requesting certain objects via AMF
- The decryptPassword() uses a static, hard coded private key to facilitate process. These passwords should be considered insecure due to the fact that recovering the private key is decidedly trivial.
- The private and public keys are hard coded into clientMain.swf the encrypted password could be captured and replayed against the service by an attacker.
- The Verax NMS Console, users can navigate to monitored devices and perform predefined actions (NMSAction), such as repairing tables on a MySQL database or restarting services.
Affected
Verax NMS version prior to 2.1.0
References
- http://seclists.org/bugtraq/2013/Mar/35
- http://seclists.org/bugtraq/2013/Mar/36
- http://seclists.org/bugtraq/2013/Mar/37
- http://seclists.org/bugtraq/2013/Mar/38
- http://secunia.com/advisories/52473
- http://www.securityfocus.com/archive/1/525916
- http://www.securityfocus.com/archive/1/525917
- http://www.securityfocus.com/archive/1/525918
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2013-1350, CVE-2013-1351, CVE-2013-1352, CVE-2013-1631) -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities