CVSS2: 9.3 High
Attack Vector: NETWORK
Attack Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3: 9.8 High
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS: 0.369 Low
Percentile: 97.2%
HP Data Protector does not perform user authentication, even when Encrypted Control Communications is enabled, and contains an embedded SSL private key that is shared among all installations.
CWE-306: Missing Authentication for Critical Function - CVE-2016-2004
Data Protector does not authenticate users, even with Encrypted Control Communications enabled. An unauthenticated remote attacker may be able to execute code on the server hosting Data Protector.
CWE-321: Use of Hard-coded Cryptographic Key
Data Protector contains an embedded SSL private key. This private key appears to be shared among all installations of Data Protector.
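An added example (not from the advisory or from HP) of a defender-side inventory check for the condition above: hosts using one embedded key would present the same public key, so grouping hosts by a SHA-256 fingerprint of each certificate's subjectPublicKeyInfo shows which ones share a key. The certificates are constructed skeletons and the host names are placeholders.

```python
import hashlib
from collections import defaultdict

def read_tlv(buf, pos):
    """Return (tag, content, next_pos) for the DER element starting at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                        # long-form length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + length], pos + length

def spki_sha256(cert_der):
    """SHA-256 over the subjectPublicKeyInfo element of an X.509 certificate."""
    tbs = read_tlv(read_tlv(cert_der, 0)[1], 0)[1]   # Certificate -> tbsCertificate
    tag, _, after_first = read_tlv(tbs, 0)
    pos = after_first if tag == 0xA0 else 0   # skip optional [0] version
    for _ in range(5):                        # serial, sigAlg, issuer, validity, subject
        pos = read_tlv(tbs, pos)[2]
    end = read_tlv(tbs, pos)[2]               # subjectPublicKeyInfo spans pos..end
    return hashlib.sha256(tbs[pos:end]).hexdigest()

def shared_keys(certs_by_host):
    """Return {fingerprint: [hosts]} for every public key seen on more than one host."""
    groups = defaultdict(list)
    for host, der in certs_by_host.items():
        groups[spki_sha256(der)].append(host)
    return {fp: sorted(hosts) for fp, hosts in groups.items() if len(hosts) > 1}

def _der(tag, content):
    """Encode one DER element (used only to build the constructed sample below)."""
    n = len(content)
    if n < 0x80:
        return bytes([tag, n]) + content
    size = (n.bit_length() + 7) // 8
    return bytes([tag, 0x80 | size]) + n.to_bytes(size, "big") + content

def _sample_cert(serial, key):
    """Constructed certificate skeleton: right field order, placeholder contents."""
    spki = _der(0x30, _der(0x30, b"") + _der(0x03, b"\x00" + key))
    fields = _der(0xA0, _der(0x02, b"\x02")) + _der(0x02, bytes([serial])) + _der(0x30, b"") * 4
    return _der(0x30, _der(0x30, fields + spki) + _der(0x30, b"") + _der(0x03, b"\x00"))

SAMPLE = {  # constructed inventory: hosts a and b carry the same key, c does not
    "dp-a.example": _sample_cert(1, b"K" * 200),
    "dp-b.example": _sample_cert(2, b"K" * 200),
    "dp-c.example": _sample_cert(3, b"Z" * 200),
}
print(shared_keys(SAMPLE))
```

For real hosts, the DER input can be obtained with `ssl.get_server_certificate()` followed by `ssl.PEM_cert_to_DER_cert()`.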
Data Protector versions 7, 8, and 9 are affected; other versions may also be impacted.
An unauthenticated remote attacker may be able to execute code on the server, or perform man-in-the-middle attacks against the server.
Apply an update
HP has released updates to Data Protector versions 7, 8, and 9 to address these issues.
Affected users may consider the following workaround:
Restrict Network Access
As a general good security practice, only allow connections from trusted hosts and networks. Consult your firewall product’s manual for more information.
267328
Notified: November 11, 2015 Updated: April 22, 2016
Statement Date: April 19, 2016
Affected
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Group | Score | Vector |
---|---|---|
Base | 9.3 | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Temporal | 8.4 | E:POC/RL:U/RC:C |
Environmental | 6.3 | CDP:ND/TD:M/CR:ND/IR:ND/AR:ND |
<https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05085988>
Thanks to Ian Lovering for reporting this vulnerability.
This document was written by Garret Wassermann.
CVE IDs: | CVE-2016-2004 |
---|---|
Date Public: | 2016-04-18 Date First Published: |