Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title HP Data Protector does not perform authentication and contains an embedded SSL private key
Informations
Name VU#267328 First vendor Publication 2016-04-22
Vendor VU-CERT Last vendor Modification 2016-04-22
Severity (Vendor) N/A Revision M

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 9.3 Attack Range Network
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Vulnerability Note VU#267328

HP Data Protector does not perform authentication and contains an embedded SSL private key

Original Release date: 22 Apr 2016 | Last revised: 22 Apr 2016

Overview

The HP Data Protector does not perform user authentication, even when Encrypted Control Communications is enabled, and contains an embedded SSL private key that is shared among all installations.

Description

CWE-306: Missing Authentication for Critical Function - CVE-2016-2004

Data Protector does not authenticate users, even with Encrypted Control Communications enabled. An unauthenticated remote attacker may be able to execute code on the server hosting Data Protector.

CWE-321: Use of Hard-coded Cryptographic Key

Data Protector contains an embedded SSL private key. This private key appears to be shared among all installations of Data Protector.

Data Protector versions 7, 8, and 9 are affected; other versions may also be impacted.

Impact

An unauthenticated remote attacker may be able to execute code on the server, or perform man-in-the-middle attacks against the server.

Solution

Apply an update

HP has released updates to Data Protector version 7, 8, and 9 to address these issues.

Affected users may consider the following workaround:

Restrict Network Access

As a general good security practice, only allow connections from trusted hosts and networks. Consult your firewall product's manual for more information.

Vendor Information (Learn More)

VendorStatusDate NotifiedDate Updated
Hewlett Packard EnterpriseAffected11 Nov 201522 Apr 2016
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

GroupScoreVector
Base9.3AV:N/AC:M/Au:N/C:C/I:C/A:C
Temporal8.4E:POC/RL:U/RC:C
Environmental6.3CDP:ND/TD:M/CR:ND/IR:ND/AR:ND

References

  • https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05085988

Credit

Thanks to Ian Lovering for reporting this vulnerability.

This document was written by Garret Wassermann.

Other Information

  • CVE IDs:CVE-2016-2004
  • Date Public:18 Apr 2016
  • Date First Published:22 Apr 2016
  • Date Last Updated:22 Apr 2016
  • Document Revision:37

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Original Source

Url : http://www.kb.cert.org/vuls/id/267328

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-306 Missing Authentication for Critical Function (CWE/SANS Top 25)

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 3

SAINT Exploits

Description Link
HP Data Protector missing authentication More info here

Nessus® Vulnerability Scanner

Date Description
2016-05-06 Name : An application running on the remote host utilizes an embedded SSL private key.
File : hp_data_protector_hardcoded_private_key.nasl - Type : ACT_GATHER_INFO
2016-04-29 Name : The remote host is affected by multiple vulnerabilities.
File : hp_data_protector_hpsbgn03580.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
Date Informations
2016-05-07 13:29:47
  • Multiple Updates
2016-05-02 22:17:27
  • Multiple Updates
2016-04-30 13:30:48
  • Multiple Updates
2016-04-22 21:24:39
  • First insertion