KL-001-2017-009 : Solarwinds LEM Database Listener with Hardcoded Credentials Title: Solarwinds LEM Database Listener with Hardcoded Credentials Advisory ID: KL-001-2017-009 Publication Date: 2017.04.24 Publication URL: http://ift.tt/2pYR5Ec 1. Vulnerability Details Affected Vendor: Solarwinds Affected Product: Log and Event Manager Virtual Appliance Affected Version: v6.3.1 Platform: Embedded Linux CWE Classification: CWE-798: Use of Hard-coded Credentials, CWE-284: Improper Access Control Impact: Remote Database Compromise Attack vector: psql 2. Vulnerability Description The Postgres database has default hardcoded credentials. While some security measures were taken to ensure that network connectivity to the Postgres database wouldn't be possible using IPv4, the same measures were not taken for IPv6. 3. Technical Description Reviewing netstat for listening services shows that the postgres service is bound to both IPv6 and IPv6 interfaces. --(0)-[1.3.3.8]-[6.3.1]-[root@swi-lem
Source: Gmail -> IFTTT-> Blogger
No comments:
Post a Comment