Executive Summary

Summary

Title: Seagate BlackArmor device static administrator password reset vulnerability

Information

Name: VU#515283
Vendor: VU-CERT
Severity (Vendor): N/A
First vendor publication: 2012-05-23
Last vendor modification: 2012-06-27
Revision: M

Security-Database Scoring CVSS v3

CVSS vector: N/A
Overall CVSS score: NA
Base score: NA
Impact subscore: NA
Exploitability subscore: NA
Temporal score: NA
Environmental score: NA

Security-Database Scoring CVSS v2

CVSS vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS base score: 10
CVSS impact score: 10
CVSS exploit score: 10
Attack range: Network
Attack complexity: Low
Authentication: None required

Detail

Vulnerability Note VU#515283

Seagate BlackArmor device static administrator password reset vulnerability

Original Release date: 23 May 2012 | Last revised: 27 Jun 2012

Overview

The Seagate BlackArmor network attached storage device contains a static administrator password reset vulnerability.

Description

The Seagate BlackArmor network attached storage device contains a static PHP file used to reset the administrator password. A remote unauthenticated attacker with access to the device's management web server can request that page directly, at http://DevicesIpAddress/d41d8cd98f00b204e9800998ecf8427e.php, and reset the administrator password.

Impact

A remote unauthenticated attacker may be able to reset the administrator password of the device.

Solution

Update

The vendor has stated that updated firmware has been released that addresses this vulnerability. Updated firmware for 1-, 2- and 4-bay Seagate BlackArmor devices can be found under the "Downloads" tab on the vendor's support website.

The firmware versions that are reported to address this vulnerability are:
BlackArmorNAS 110: 1000.1301
BlackArmorNAS 220: 2000.1311
BlackArmorNAS 440: 4000.1391

Restrict network access

Restrict network access to the Seagate BlackArmor network attached storage device's system web interface, and to other devices that use open protocols such as HTTP.

Vendor Information

Vendor: Seagate Technology LLC
Status: Affected
Date notified: 07 Mar 2012
Date updated: 27 Jun 2012

CVSS Metrics

Base: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Temporal: 5.8 (E:POC/RL:W/RC:UC)
Environmental: 1.6 (CDP:L/TD:L/CR:ND/IR:ND/AR:ND)

References

  • http://www.seagate.com/www/en-us/products/network_storage/blackarmor/
  • http://www.seagate.com/support/external-hard-drives/network-storage/blackarmor-nas-110/
  • http://www.seagate.com/support/external-hard-drives/network-storage/blackarmor-nas-220/
  • http://www.seagate.com/support/external-hard-drives/network-storage/blackarmor-nas-440/
  • http://forums.seagate.com/t5/BlackArmor-NAS-Network-Storage/Announcement-New-limited-release-firmware-is-available-for-all/td-p/164862

Credit

Thanks to Jason Ellison for reporting this vulnerability.

This document was written by Michael Orlando.

Other Information

  • CVE IDs: CVE-2012-2568
  • Date Public: 23 May 2012
  • Date First Published: 23 May 2012
  • Date Last Updated: 27 Jun 2012
  • Document Revision: 25


This product is provided subject to the Notification as indicated here: http://www.us-cert.gov/legal.html#notify

Original Source

Url : http://www.kb.cert.org/vuls/id/515283

CWE : Common Weakness Enumeration

CWE-264 Permissions, Privileges, and Access Controls (100 %)

CPE : Common Platform Enumeration

Type: Hardware, Count: 1

Snort® IPS/IDS

2014-01-10: Seagate BlackArmor administrator password reset attempt
Rule ID: 23102 - Revision: 8 - Type: POLICY-OTHER

Alert History

2014-01-19 21:31:04: Multiple updates