Executive Summary

Summary
Title Raritian PX power distribution software is vulnerable to the cipher zero attack.
Informations
Name VU#712660 First vendor Publication 2014-07-10
Vendor VU-CERT Last vendor Modification 2014-07-10
Severity (Vendor) N/A Revision M

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Vulnerability Note VU#712660

Raritian PX power distribution software is vulnerable to the cipher zero attack.

Original Release date: 10 Jul 2014 | Last revised: 10 Jul 2014

Overview

Raritan PX power distribution software version 01.05.08 and previous running on a model DPXR20A-16 device allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.

Description

CWE-287: Improper Authentication - CVE-2014-2955

Raritan PX power distribution software version 01.05.08 and previous running on a model DPXR20A-16 device allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password. Other product models and software versions may also be affected.

Impact

A remote unauthenticated attacker may be able to login and administer the device with full permissions of the compromised account.

Solution

Apply an Update
Raritan has provided a limited availability release, version 1.5.11. Raritan advises users to contact their sales or technical support for more details on how to obtain the release.

Restrict Access

Appropriate firewall rules and VLAN segmentation should be implemented so the management interface is not accessible from the general network.

Vendor Information (Learn More)

VendorStatusDate NotifiedDate Updated
Raritan IncAffected19 May 201410 Jul 2014
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

GroupScoreVector
Base10.0AV:N/AC:L/Au:N/C:C/I:C/A:C
Temporal9.0E:H/RL:TF/RC:C
Environmental7.0CDP:LM/TD:M/CR:H/IR:H/AR:H

References

  • http://productselector.appspot.com/showimage?fName=DPXR20A-16_spec.pdf&mName=DPXR20A-16&Type=pdf
  • http://fish2.com/ipmi/cipherzero.html
  • http://seclists.org/fulldisclosure/2014/Jul/14

Credit

Thanks to Joerg Kost for reporting this vulnerability.

This document was written by Chris King.

Other Information

  • CVE IDs:CVE-2014-2955
  • Date Public:10 Jul 2014
  • Date First Published:10 Jul 2014
  • Date Last Updated:10 Jul 2014
  • Document Revision:20

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Original Source

Url : http://www.kb.cert.org/vuls/id/712660

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-287 Improper Authentication

CPE : Common Platform Enumeration

TypeDescriptionCount
Hardware 1
Os 15

Alert History

If you want to see full details history, please login or register.
0
1
2
3
Date Informations
2014-07-25 13:18:46
  • Multiple Updates
2014-07-15 21:28:35
  • Multiple Updates
2014-07-15 05:27:28
  • Multiple Updates
2014-07-10 21:21:43
  • First insertion