Bruteforce on SNS command-line service
Advisory ID |
CVE Number |
Date discovered |
Severity |
Advisory revision |
STORM-2019-013 |
|
08/08/2019 |
high |
v3 |
Vulnerability details
The command-line service of SNS (serverd) can be bruteforced. An attacker can remotely gain administrator rights on the firewall.
Impacted products
Products | Severity | Detail |
Stormshield Network Security
|
medium |
The SNS (serverd) command-line service can be bruteforced. An attacker can remotely gain administrator rights on the firewall. |
Netasq
|
high |
impacted |
Revisions
Version |
Date |
Description |
v1 |
08/08/2019 |
Initial release |
v2 |
09/03/2020 |
Add a workaround and update fix versions |
v3 |
10/09/2020 |
Update “Workaround solution” section |
Stormshield Network Security |
CVSS v2 Overall Score: 6.2 
|
Analysis
|
Impacted version
|
The SNS (serverd) command-line service can be bruteforced, an attacker can remotely gain administrator rights on the firewall.
|
- SNS 2.X
- SNS 3.0.0 to 3.9.2
- SNS 4.0.X
|
Workaround solution
|
Solution
|
Control and restrict administration API port usage:
- If the ‘serverd’ implicit rule is disabled ( by default it’s the case ) ensure that you do not explicitely authorize traffic to the UTM to the service ‘serverd’ (port 1300 by default) from untrusted networks in your explicit filtering rules
- If you have activated the ‘serverd’ implict rule ensure that serverd is only accessible via trusted networks by the explicit filtering rules
- Monitor the access logs of the UTM.
For further details, please consult the document “SNS 2.7.4 ANSSI qualification – C7 condition”.
|
The 3.10.0 and 4.1.1 updates will fix this vulnerability.
|
Access vector |
Access complexity |
Authentication |
Confidentiality impact |
Integrity impact |
Availability impact |
Adjacent Network |
Low |
None |
Complete |
Complete |
Complete |
Exploitability |
Remediation Level |
Report Confidence |
Unproven that exploit exists |
Official fix |
Confirmed |
Collateral Damage Potential |
Target Distribution |
None |
High [76-100%] |
Netasq |
CVSS v2 Overall Score: 7.1 
|
Analysis
|
Impacted version
|
The command-line service of Netasq UTMs (serverd) can be bruteforced, an attacker can remotely gain administrator rights on the firewall.
|
|
Workaround solution
|
Solution
|
There is no workaround solution.
|
No solution
|
Access vector |
Access complexity |
Authentication |
Confidentiality impact |
Integrity impact |
Availability impact |
Adjacent Network |
Low |
None |
Complete |
Complete |
Complete |
Exploitability |
Remediation Level |
Report Confidence |
Unproven that exploit exists |
Unavailable |
Confirmed |
Collateral Damage Potential |
Target Distribution |
None |
High [76-100%] |