
====================================================================

                             CERT-Renater

                  Information Note No. 2012/VULN241
____________________________________________________________________

DATE                : 01/06/2012

HARDWARE PLATFORM(S): Seagate BlackArmor device.

OPERATING SYSTEM(S): Seagate BlackArmor software.

======================================================================
http://www.kb.cert.org/vuls/id/515283
______________________________________________________________________

=============================================================================

Vulnerability Note VU#515283
Seagate BlackArmor device static administrator password reset vulnerability

Original Release date: 23 May 2012 | Last revised: 23 May 2012

The Seagate BlackArmor network attached storage device contains a static
administrator password reset vulnerability.

Description

The Seagate BlackArmor network attached storage device contains a static
PHP file used to reset the administrator password. A remote
unauthenticated attacker with access to the device's management web
server can directly access the webpage
http://DevicesIpAddress/d41d8cd98f00b204e9800998ecf8427e.php and reset
the administrator password.

Impact

A remote unauthenticated attacker may be able to reset the administrator
password of the device.

Solution

We are currently unaware of a practical solution to this problem.

Restrict network access

Restrict network access to the Seagate BlackArmor network attached
storage device's system web interface and other devices using open
protocols like HTTP.
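
To check whether that restriction is holding, the following added example
(not part of the original advisory) scans web access logs for requests to
the reset page and marks those coming from outside the management network.
It assumes Common/Combined Log Format lines from a proxy or gateway in front
of the device; the subnet, function names and sample lines are constructed.

```python
import ipaddress
import posixpath
import re
from urllib.parse import unquote

# File name of the reset page, as given in the advisory.
RESET_PAGE = "d41d8cd98f00b204e9800998ecf8427e.php"
# Assumption: the only subnet allowed to reach the NAS web interface.
MGMT_NETS = [ipaddress.ip_network("10.20.0.0/24")]
# Common/Combined Log Format: ip ident user [time] "METHOD target PROTO" status
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) ')

def is_reset_request(target):
    """True if any segment of the normalized request path is the reset page."""
    path = unquote(target.split("?", 1)[0].split("#", 1)[0])  # drop query, decode %xx
    path = posixpath.normpath("/" + path)                     # collapse //, /./, /../
    return RESET_PAGE in path.lower().split("/")

def find_reset_hits(lines, mgmt_nets=MGMT_NETS):
    """Return one record per logged request to the reset page."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or not is_reset_request(m["target"]):
            continue
        try:
            src = ipaddress.ip_address(m["ip"])
        except ValueError:  # client logged as a hostname; skipped here
            continue
        hits.append({"ts": m["ts"], "src": str(src), "method": m["method"],
                     "status": int(m["status"]),
                     "outside_mgmt": not any(src in n for n in mgmt_nets)})
    return hits

# Constructed sample lines (documentation address ranges), not real traffic.
P = RESET_PAGE
SAMPLE_LOG = [
    '10.20.0.15 - - [23/May/2012:09:14:02 +0000] "GET /index.php HTTP/1.1" 200 5120',
    '203.0.113.7 - - [23/May/2012:09:15:40 +0000] "GET /%s HTTP/1.1" 200 812' % P,
    '198.51.100.23 - - [23/May/2012:09:16:11 +0000] '
    '"POST //%644%31d8cd98f00b204e9800998ecf8427e.PHP?a=1 HTTP/1.1" 200 640',
    '10.20.0.15 - - [23/May/2012:09:20:00 +0000] "GET /%s HTTP/1.1" 200 812' % P,
    '203.0.113.7 - - [23/May/2012:09:21:30 +0000] "GET /docs/%s.txt HTTP/1.1" 404 0' % P,
]

if __name__ == "__main__":
    print(*find_reset_hits(SAMPLE_LOG), sep="\n")
```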

Vendor Information

Vendor                   Status     Date Notified   Date Updated
Seagate Technology LLC   Affected   07 Mar 2012     23 May 2012

CVSS Metrics

Group           Score   Vector
Base            7.5     AV:N/AC:L/Au:N/C:P/I:P/A:P
Temporal        5.8     E:POC/RL:W/RC:UC
Environmental   1.6     CDP:L/TD:L/CR:ND/IR:ND/AR:ND

References

    http://www.seagate.com/www/en-us/products/network_storage/blackarmor/

Credit

Thanks to Jason Ellison for reporting this vulnerability.

This document was written by Michael Orlando.

Other Information

    CVE IDs: CVE-2012-2568
    Date Public: 23 May 2012
    Date First Published: 23 May 2012
    Date Last Updated: 23 May 2012
    Document Revision: 20

Feedback

If you have feedback, comments, or additional information about this
vulnerability, please send us email.

This product is provided subject to the Notification as indicated here:
http://www.us-cert.gov/legal.html#notify

======================================================================

=========================================================
CERT-Renater reference server
https://services.renater.fr/ssi/
=========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44          +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41          +
+ 75013 Paris           | email: certsvp@renater.fr     +
=========================================================
