Denial of service with Netbios-CIFS

Advisory ID      CVE Number   Date discovered   Severity   Advisory revision
STORM-2020-005   -            03/06/2020        medium     v1

Vulnerability details

Potential denial of service of the UTM during CIFS exchanges

Impacted products

Products                       Severity   Detail
Stormshield Network Security   medium     Denial of service

Revisions

Version   Date         Description
v1        03/06/2020   Initial release


Stormshield Network Security

CVSS v2 Overall Score: 4.5      

Analysis

An attacker can open a NetBIOS session and send crafted NetBIOS packets through the UTM in order to cause a denial of service of the UTM.

If your filtering rules do not allow CIFS over NetBIOS (the nb-cifs service) through the UTM, you are not impacted.

Impacted versions

  • SNS 2.0.0 to 2.7.6
  • SNS 2.8.0 to 2.15.0
  • SNS 3.0.0 to 3.7.11
  • SNS 3.8.0 to 3.10.1
  • SNS 4.0.0 to 4.0.2

Workaround solution

Allow CIFS-over-NetBIOS (nb-cifs) exchanges only between trusted sources.

Solution

The SNS 2.7.7, 2.16.0, 3.7.12, 3.10.2 and 4.0.3 updates fix this vulnerability.
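The following script is an added example, not part of the Stormshield advisory and not SNS's own tooling. It turns the two conditions stated above into a check: whether a firmware version falls in one of the listed affected ranges (and which listed release fixes it), and whether a filter policy still allows nb-cifs from a source outside the networks you consider trusted. The rule format, the rule names, the trusted networks and the sample policy are all constructed for illustration; SNS's real rule syntax is not modelled, and rule ordering (an earlier block rule shadowing a later pass rule) is deliberately ignored so that the check errs on the side of flagging a rule.

```python
"""Exposure check for STORM-2020-005 (added example, not Stormshield code).

Facts taken from the advisory: the affected SNS version ranges, the release
that fixes each range, and the condition that only policies allowing
CIFS over NetBIOS (nb-cifs) through the UTM are impacted.
Everything else (rule format, sample rules, trusted networks) is assumed.
"""

import ipaddress

# Affected ranges (inclusive) and the fixed release for each, as listed in the advisory.
AFFECTED = [
    ((2, 0, 0), (2, 7, 6), "2.7.7"),
    ((2, 8, 0), (2, 15, 0), "2.16.0"),
    ((3, 0, 0), (3, 7, 11), "3.7.12"),
    ((3, 8, 0), (3, 10, 1), "3.10.2"),
    ((4, 0, 0), (4, 0, 2), "4.0.3"),
]

# Service names treated as CIFS over NetBIOS in the hypothetical rule format below.
NBCIFS_SERVICES = {"nb-cifs", "tcp/139"}


def parse_version(text):
    """Parse 'major.minor.patch' into a comparable tuple; reject anything else."""
    parts = text.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unexpected SNS version string: {text!r}")
    return tuple(int(p) for p in parts)


def fix_for(version):
    """Return the fixed release to move to if `version` is affected, else None."""
    v = parse_version(version)
    for low, high, fixed in AFFECTED:
        if low <= v <= high:
            return fixed
    return None


def untrusted_nbcifs_rules(rules, trusted):
    """Return pass rules for nb-cifs whose source is not fully inside a trusted network.

    `rules` use a constructed format: dicts with 'name', 'action' ('pass'/'block'),
    'src' (CIDR or 'any') and 'service'. Ordering/shadowing is not modelled, so
    the result is conservative: a flagged rule may be shadowed by an earlier block.
    """
    trusted_nets = [ipaddress.ip_network(t) for t in trusted]
    hits = []
    for rule in rules:
        if rule["action"] != "pass" or rule["service"].lower() not in NBCIFS_SERVICES:
            continue
        if rule["src"] == "any":
            hits.append(rule)
            continue
        src = ipaddress.ip_network(rule["src"], strict=False)
        # subnet_of() only accepts networks of the same IP version.
        inside = any(src.subnet_of(t) for t in trusted_nets if t.version == src.version)
        if not inside:
            hits.append(rule)
    return hits


def assess_exposure(version, rules, trusted):
    """Combine both advisory conditions: affected version AND nb-cifs allowed from untrusted sources."""
    fixed = fix_for(version)
    exposing = untrusted_nbcifs_rules(rules, trusted)
    return {
        "version_affected": fixed is not None,
        "fix": fixed,
        "exposing_rules": [r["name"] for r in exposing],
        "exposed": fixed is not None and bool(exposing),
    }


# Constructed sample policy and trusted networks (not from any real deployment).
RULES = [
    {"name": "block-nb-cifs-from-guest", "action": "block", "src": "10.20.0.0/16", "service": "nb-cifs"},
    {"name": "allow-fileserver-lan", "action": "pass", "src": "10.1.0.0/24", "service": "nb-cifs"},
    {"name": "allow-fileserver-any", "action": "pass", "src": "any", "service": "nb-cifs"},
    {"name": "allow-https-any", "action": "pass", "src": "any", "service": "https"},
]
TRUSTED = ["10.1.0.0/24", "192.168.50.0/24"]

if __name__ == "__main__":
    for ver in ("3.10.1", "3.10.2"):
        print(ver, assess_exposure(ver, RULES, TRUSTED))
```

Run against a real export, the only rules worth reviewing are the ones returned in `exposing_rules`; once the firmware is on one of the fixed releases the version check alone clears the advisory, but restricting nb-cifs to trusted sources remains the sensible baseline.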



Access vector      Access complexity   Authentication   Confidentiality impact   Integrity impact   Availability impact
Adjacent Network   Low                 None             None                     None               Complete
CVSS Base score: 6.1   CVSS Vector: (AV:A/AC:L/Au:N/C:N/I:N/A:C)

Exploitability                 Remediation Level   Report Confidence
Unproven that exploit exists   Official fix        Confirmed
CVSS Temporal score: 4.5   CVSS Vector: (AV:A/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)

Collateral Damage Potential   Target Distribution
None                          High [76-100%]
CVSS Environmental score: 4.5   CVSS Vector: (AV:A/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C/CDP:N/TD:H/CR:ND/IR:ND/AR:ND)