Executive Summary

Summary
Title Toshiba 4690 OS contains an information disclosure vulnerability
Informations
Name VU#924506 First vendor Publication 2015-06-08
Vendor VU-CERT Last vendor Modification 2015-06-08
Severity (Vendor) N/A Revision M

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:N/A:N)
Cvss Base Score 4.3 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Vulnerability Note VU#924506

Toshiba 4690 OS contains an information disclosure vulnerability

Original Release date: 08 Jun 2015 | Last revised: 08 Jun 2015

Overview

The Toshiba 4690 operating system, version 6 (Release 3) and possibly earlier versions, contains an information disclosure vulnerability.

Description

CWE-200: Information Exposure - CVE-2014-4876

The Toshiba 4690 operating system, version 6 (Release 3) and possibly earlier versions, contains an information disclosure vulnerability. Sending a special string to TCP port 54138 causes system environment variables and other information to be returned to an unauthenticated client. The vendor has stated that this disclosure occurs by design as part of the support capabilities of 4690 and that:

    The data being returned contains information about the current state of the 4690 OS and can be used for problem determination. The information is generally the same as that available by local 4690 APIs or from RMA, the 4690 OS system management function. It doesn't contain sensitive (PCI) information.

Impact

A remote, unauthenticated attacker is able to view potentially sensitive system information.

Solution

The CERT/CC is currently unaware of a practical solution to this problem and recommends the following workaround.

Disable services
The vendor has suggested a workaround for users concerned about the information being exposed:

    The user should disable the ADXSITCF logical name to the string -q. This will disable the services that connect with the network to provide this information, however it will also disable RMA system management data collection as well as prevent the use of ADXSITQL by support teams for gathering information without dumping the machine.

Vendor Information (Learn More)

VendorStatusDate NotifiedDate Updated
Toshiba Commerce SolutionsAffected06 Aug 201402 Jun 2015
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

GroupScoreVector
Base5.0AV:N/AC:L/Au:N/C:P/I:N/A:N
Temporal4.5E:F/RL:W/RC:C
Environmental3.4CDP:N/TD:M/CR:ND/IR:ND/AR:ND

References

  • http://cwe.mitre.org/data/definitions/200.html
  • http://en.wikipedia.org/wiki/4690_Operating_System

Credit

Thanks to David Odell for reporting this vulnerability.

This document was written by Todd Lewellen and Joel Land.

Other Information

  • CVE IDs:CVE-2014-4876
  • Date Public:08 Jun 2015
  • Date First Published:08 Jun 2015
  • Date Last Updated:08 Jun 2015
  • Document Revision:18

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Original Source

Url : http://www.kb.cert.org/vuls/id/924506

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-200 Information Exposure

CPE : Common Platform Enumeration

TypeDescriptionCount
Os 1

Alert History

If you want to see full details history, please login or register.
0
1
2
Date Informations
2016-01-01 00:28:05
  • Multiple Updates
2015-12-31 09:27:37
  • Multiple Updates
2015-06-08 17:24:17
  • First insertion