Vulnerability Note VU#712660

Raritian PX power distribution software is vulnerable to the cipher zero attack.

Original Release date: 10 Jul 2014 | Last revised: 10 Jul 2014

Overview

Raritan PX power distribution software version 01.05.08 and previous running on a model DPXR20A-16 device allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.

Description

CWE-287: Improper Authentication - CVE-2014-2955

Raritan PX power distribution software version 01.05.08 and previous running on a model DPXR20A-16 device allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password. Other product models and software versions may also be affected.

Impact

A remote unauthenticated attacker may be able to login and administer the device with full permissions of the compromised account.

Solution

Apply an Update
Raritan has provided a limited availability release, version 1.5.11. Raritan advises users to contact their sales or technical support for more details on how to obtain the release.

Restrict Access

Appropriate firewall rules and VLAN segmentation should be implemented so the management interface is not accessible from the general network.

Vendor Information (Learn More)

VendorStatusDate NotifiedDate Updated
Raritan IncAffected19 May 201410 Jul 2014
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

Group Score Vector
Base 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C
Temporal 9.0 E:H/RL:TF/RC:C
Environmental 7.0 CDP:LM/TD:M/CR:H/IR:H/AR:H

References

Credit

Thanks to Joerg Kost for reporting this vulnerability.

This document was written by Chris King.

Other Information

  • CVE IDs: CVE-2014-2955
  • Date Public: 10 Jul 2014
  • Date First Published: 10 Jul 2014
  • Date Last Updated: 10 Jul 2014
  • Document Revision: 20

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.