GSO

T-289: HP StorageWorks Products Remote Management Interface Privilege Escalation Vulnerability

TECHNICAL BULLETIN


PROBLEM:	HP StorageWorks Products Remote Management Interface Privilege Escalation Vulnerability
PLATFORM:	HP StorageWorks MSL8096 Tape Library firmware 8.90 HP StorageWorks MSL4048 Tape Library firmware 6.50 HP StorageWorks MSL2024 Tape Library firmware 4.20 HP StorageWorks 1/8 G2 Tape Autoloader firmware 2.30
ABSTRACT:	HP StorageWorks products are prone to a privilege-escalation vulnerability in the Remote Management Interface.

Discussion:

Attacker, once logged in as a regular user, only has to modify his cookie for the webpage that is like: RMU_LEVEL 1

Then if he changes the RMU_LEVEL (Remote Manager User Level parameter to 2, and then he is an administrator.

Solution:

Install the following patches

Attacker, once logged in as a regular user, only has to modify his cookie for the webpage that is like: RMU_LEVEL 1

0

Attacker, once logged in as a regular user, only has to modify his cookie for the webpage that is like: RMU_LEVEL 1

1

Attacker, once logged in as a regular user, only has to modify his cookie for the webpage that is like: RMU_LEVEL 1

2

Attacker, once logged in as a regular user, only has to modify his cookie for the webpage that is like: RMU_LEVEL 1

3

Attacker, once logged in as a regular user, only has to modify his cookie for the webpage that is like: RMU_LEVEL 1

4

Attacker, once logged in as a regular user, only has to modify his cookie for the webpage that is like: RMU_LEVEL 1

5

Attacker, once logged in as a regular user, only has to modify his cookie for the webpage that is like: RMU_LEVEL 1

6

Attacker, once logged in as a regular user, only has to modify his cookie for the webpage that is like: RMU_LEVEL 1

7

DOE-CIRC services are available to DOE, DOE Contractors, and the NIH. DOE-CIRC can be contacted at:

Attacker, once logged in as a regular user, only has to modify his cookie for the webpage that is like: RMU_LEVEL 1

8

Attacker, once logged in as a regular user, only has to modify his cookie for the webpage that is like: RMU_LEVEL 1

9

0

References

^ Privacy and Legal Notice (www.energy.gov)
^ This e-mail address is being protected from spambots. You need JavaScript enabled to view it (circ.jc3.doe.gov)
^ http://www.doecirc.energy.gov (www.doecirc.energy.gov)

Authors: JC3-CIRC

Read Full Article @ Source

Share It

Got News?

Get email updates

Stay Connected

RSS Vimeo Twitter Facebook Moby Picture

GovernmentSecurity.org is a collective of user submitted and syndicated content that is provided for reference purposes. GovernmentSecurity is not responsible for the content or external links found within. The content items are the sole responsibility of the users who have chosen to make information publicly available on the web. The articles and the opinions or information contained within are the creation of the individual and do not necessarily reflect the opinions of GovernmentSecurity.

GSO

T-289: HP StorageWorks Products Remote Management Interface Privilege Escalation Vulnerability

Related

Share It

Got News?

Popular

Get email updates

Stay Connected

Forums

Articles

News

GSO