Executive Summary

Summary
Title Multiple Vulnerabilities in Baramundi Management Suite
Informations
Name VU#392654 First vendor Publication 2013-10-01
Vendor VU-CERT Last vendor Modification 2013-10-23
Severity (Vendor) N/A Revision M

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:N/A:N)
Cvss Base Score 7.8 Attack Range Network
Cvss Impact Score 6.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Vulnerability Note VU#392654

Multiple Vulnerabilities in Baramundi Management Suite

Original Release date: 01 Oct 2013 | Last revised: 23 Oct 2013

Overview

Baramundi Management Suite versions 7.5 to 8.9 contains multiple vulnerabilities related to clear-text credential storage and transmission.

Description

CWE-319: Cleartext Transmission of Sensitive Information - CVE-2013-3593

Baramundi Mangement Suite versions 7.5 to 8.9 transfers data in cleartext between the server and clients, and stores data in cleartext. It is unknown if Baramundi Management Suite version 8.9 is affected by this vulnerability.

CWE-312: Cleartext Storage of Sensitive Information - CVE-2013-3624
When Baramundi Management Suite versions 7.5 to 8.9 is used for OS deployment, it stores the credentials in an unencrypted form on the deployed systems. It is unknown if Baramundi Management Suite version 8.9 is affected by this vulnerability.

CWE-321: Use of Hard-coded Cryptographic Key - CVE-2013-3625
Baramundi Management Suite versions 7.5 to 8.9 utilizes a hard-coded encryption key stored in a dll file. It is unknown if Baramundi Management Suite version 8.9 is affected by this vulnerability.

Impact

Since the software is used as an operating system deployment solution, it must have administrative rights to operate. As such, there are several impacts:
Privilege Escalation

  • Administrative privileges can be obtained on any local machine that was installed via Baramundi Management Suite.
  • Administrative privileges in Microsoft Active Directory can potentially be obtained.
    Credential Theft
  • Credentials may be obtained by sniffing the traffic on the network.

    • Solution

    We are currently unaware of a practical solution to this problem.

    Use Encryption
    Use layer 3 encryption between the Baramundi clients and servers to prevent sniffing attacks.

    Vendor Information (Learn More)

    VendorStatusDate NotifiedDate Updated
    baramundi software AGAffected30 Jul 201301 Oct 2013
    If you are a vendor and your product is affected, let us know.

    CVSS Metrics (Learn More)

    GroupScoreVector
    Base7.8AV:N/AC:L/Au:N/C:C/I:N/A:N
    Temporal6.3E:F/RL:W/RC:UC
    Environmental2.0CDP:H/TD:L/CR:ND/IR:ND/AR:ND

    References

    • http://www.baramundi.com/products/management-suite/overview/

    Credit

    Thanks to Damir Bozic for reporting this vulnerability.

    This document was written by Chris King.

    Other Information

    • CVE IDs:CVE-2013-3593CVE-2013-3624CVE-2013-3625
    • Date Public:01 Oct 2013
    • Date First Published:01 Oct 2013
    • Date Last Updated:23 Oct 2013
    • Document Revision:19

    Feedback

    If you have feedback, comments, or additional information about this vulnerability, please send us email.

    Original Source

    Url : http://www.kb.cert.org/vuls/id/392654

    CWE : Common Weakness Enumeration

    % Id Name
    67 % CWE-310 Cryptographic Issues
    33 % CWE-255 Credentials Management

    CPE : Common Platform Enumeration

    TypeDescriptionCount
    Application 11

    Information Assurance Vulnerability Management (IAVM)

    Date Description
    2013-10-17 IAVM : 2013-A-0199 - Multiple Vulnerabilities in Oracle Fusion Middleware
    Severity : Category I - VMSKEY : V0040786

    Alert History

    If you want to see full details history, please login or register.
    0
    1
    2
    3
    Date Informations
    2013-10-23 17:20:22
    • Multiple Updates
    2013-10-03 21:25:09
    • Multiple Updates
    2013-10-03 17:23:51
    • Multiple Updates
    2013-10-01 17:18:33
    • First insertion