Fujitsu Eternus Storage DX200 S4 Broken Authentication

2020.11.26
Seccops (TR)
Risk: Medium
Local: Yes
Remote: Yes
CWE: CWE-287


CVSS Base Score: 10/10
Impact Subscore: 10/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: Not required
Confidentiality impact: Complete
Integrity impact: Complete
Availability impact: Complete

# Title: Fujitsu Eternus Storage DX200 S4 Broken Authentication
# Author: Seccops (https://seccops.com)
# Vendor Homepage: https://www.fujitsu.com/global/products/computing/storage/disk/eternus-dx/
# Version: Fujitsu Eternus Storage DX200 S4 devices through 2020-11-25
# Classifications: OWASP: A2:2017-Broken Authentication, CWEs: CWE-287 & CWE-1028
# CVE: CVE-2020-29127

=== Description ===

An issue was discovered on Fujitsu Eternus Storage DX200 S4 devices through 2020-11-25. After logging into the portal as the "root" user from any web browser, the portal can be accessed with "root" privileges when the resulting link (http://eternus/cgi-bin/csp?cspid={XXXXXXXXXX}&csppage=cgi_PgOverview&csplang=en) is entered in a different web browser: the cspid value carried in the URI is by itself sufficient to reach the logged-in session from a browser that never authenticated.

Example: https://imgur.com/a/kuhCi04
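The advisory's point is that the portal's session is addressed by the `cspid` query parameter, so a copied link is as good as the login. Until the device is patched, a defender can at least watch the reverse-proxy or web-server access log for one `cspid` value being presented by more than one client. The script below is an added example (it is not part of the advisory and not Fujitsu code); the log lines are constructed, the Apache/nginx "combined" log format is an assumption, and the `cspid` values are placeholders in the spirit of the advisory's `{XXXXXXXXXX}`.

```python
"""Flag a URL-borne session identifier (cspid) that is reused across clients.

Added example, not from the advisory or the vendor.  Assumptions: the portal
sits behind a proxy/web server writing the Apache/nginx "combined" log format,
and the session parameter is named cspid as in the advisory.
"""
import re
from collections import defaultdict
from urllib.parse import parse_qs, urlsplit

# Apache/nginx "combined" access-log format (assumed for this example).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

SESSION_PARAM = "cspid"  # the query parameter named in the advisory

# Constructed sample log: root works from browser A (10.0.0.5), then the very
# same cspid shows up from another address with a different user agent, which
# is exactly the cross-browser reuse the advisory describes.  Session values are placeholders.
SAMPLE_LOG = """\
10.0.0.5 - - [25/Nov/2020:10:01:02 +0100] "GET /cgi-bin/csp?cspid=AAAAAAAAAA&csppage=cgi_PgOverview&csplang=en HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (Windows NT 10.0) Firefox/83.0"
10.0.0.5 - - [25/Nov/2020:10:01:09 +0100] "GET /cgi-bin/csp?cspid=AAAAAAAAAA&csppage=cgi_PgVolume&csplang=en HTTP/1.1" 200 4311 "-" "Mozilla/5.0 (Windows NT 10.0) Firefox/83.0"
10.0.0.7 - - [25/Nov/2020:10:03:44 +0100] "GET /cgi-bin/csp?cspid=BBBBBBBBBB&csppage=cgi_PgOverview&csplang=en HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (X11; Linux x86_64) Chrome/87.0"
192.168.1.20 - - [25/Nov/2020:10:05:10 +0100] "GET /cgi-bin/csp?cspid=AAAAAAAAAA&csppage=cgi_PgOverview&csplang=en HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (Macintosh) Safari/605.1"
10.0.0.9 - - [25/Nov/2020:10:06:00 +0100] "GET /index.html HTTP/1.1" 200 812 "-" "curl/7.68.0"
"""


def parse_line(line):
    """Parse one combined-format line; add 'session_id' (cspid value or None).

    Returns None for lines that do not match the expected format.
    """
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    query = parse_qs(urlsplit(rec["path"]).query)
    rec["session_id"] = query.get(SESSION_PARAM, [None])[0]
    return rec


def count_session_in_url(log_text):
    """How many requests carry the session id in the URL at all.

    Any non-zero count is itself a finding: a session id in the URL ends up in
    proxy logs, browser history and Referer headers.
    """
    total = 0
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and rec["session_id"]:
            total += 1
    return total


def find_shared_sessions(log_text):
    """Map each session id presented by more than one (ip, user-agent) pair to
    the sorted list of those pairs; an empty dict means no reuse was seen."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and rec["session_id"]:
            seen[rec["session_id"]].add((rec["ip"], rec["ua"]))
    return {sid: sorted(clients) for sid, clients in seen.items() if len(clients) > 1}


if __name__ == "__main__":
    print(f"{count_session_in_url(SAMPLE_LOG)} requests carry {SESSION_PARAM} in the URL")
    for sid, clients in find_shared_sessions(SAMPLE_LOG).items():
        print(f"session {sid} presented by {len(clients)} distinct clients:")
        for ip, ua in clients:
            print(f"  {ip}  {ua}")
```

Keying on the (address, user-agent) pair rather than the address alone keeps a single user who legitimately switches browsers from being hidden, which is the case the advisory demonstrates; in a real deployment the alert should also be fed the portal's own login events so that a `cspid` that appears without a preceding login from that client stands out.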


Copyright 2021, cxsecurity.com