Werk #9526: Fix denial of service against webconf
Komponente | Firmware |
Titel | Fix denial of service against webconf |
Datum | 18.04.2023 |
Level | Kleine Änderung |
Klasse | Bugfix |
Kompatibilität | Kompatibel - benötigt kein manuelles Eingreifen |
Appliance Version | 1.6.5 |
Prior to this Werk an attacker was able to cause blocking IO in webconf rendering it unresponsive. (Denial of Service)
This vulnerability was identified through a commissioned penetration test conducted by OPTIMAbit (Roman Mueller).
Mitigations: In case updateing is not possible, one can limit access to Webconf to trusted IPs e.g. within Apache.
Indicators of Compromise: After a malicious/faulty request webconf will not be accessible for about 5 minutes. After these 5 minutes one can find messages containing [Errno 32] Broken pipe in /var/log/syslog.
Vulnerability Management: We have rated the issue with a CVSS Score of 7.5 (High) with the following CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H. We assigned CVE-2023-22318 to this vulnerability.